Google Git
Sign in
apache/tomcat/HEAD/./webapps/docs/changelog.xml
blob: 4059918d823ea8a3d0f10062f13d16fdfd4ef14d [file]
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!DOCTYPE document [
<!ENTITY project SYSTEM "project.xml">
<!-- DTD is used to validate changelog structure at build time. BZ 64931. -->
<!ELEMENT document (project?, properties, body)>
<!ATTLIST document url CDATA #REQUIRED>
<!-- body and title are used both in project.xml and in this document -->
<!ELEMENT body ANY>
<!ELEMENT title (#PCDATA)>
<!-- Elements of project.xml -->
<!ELEMENT project (title, logo, body)>
<!ATTLIST project name CDATA #REQUIRED>
<!ATTLIST project href CDATA #REQUIRED>
<!ELEMENT logo (#PCDATA)>
<!ATTLIST logo href CDATA #REQUIRED>
<!ELEMENT menu (item+)>
<!ATTLIST menu name CDATA #REQUIRED>
<!ELEMENT item EMPTY>
<!ATTLIST item name CDATA #REQUIRED>
<!ATTLIST item href CDATA #REQUIRED>
<!-- Elements of this document -->
<!ELEMENT properties (author*, title, no-comments) >
<!ELEMENT author (#PCDATA)>
<!ATTLIST author email CDATA #IMPLIED>
<!ELEMENT no-comments EMPTY>
<!ELEMENT section (subsection)*>
<!ATTLIST section name CDATA #REQUIRED>
<!ATTLIST section rtext CDATA #IMPLIED>
<!ELEMENT subsection (changelog+)>
<!ATTLIST subsection name CDATA #REQUIRED>
<!ELEMENT changelog (add|update|fix|scode|docs|design)*>
<!ELEMENT add ANY>
<!ELEMENT update ANY>
<!ELEMENT fix ANY>
<!ELEMENT scode ANY>
<!ELEMENT docs ANY>
<!ELEMENT design ANY>
<!ELEMENT bug (#PCDATA)>
<!ELEMENT rev (#PCDATA)>
<!ELEMENT pr (#PCDATA)>
<!-- Random HTML markup tags. Add more here as needed. -->
<!ELEMENT a (#PCDATA)>
<!ATTLIST a href CDATA #REQUIRED>
<!ATTLIST a rel CDATA #IMPLIED>
<!ELEMENT b (#PCDATA)>
<!ELEMENT code (#PCDATA)>
<!ELEMENT em (#PCDATA)>
<!ELEMENT strong (#PCDATA)>
<!ELEMENT tt (#PCDATA)>
]>
<?xml-stylesheet type="text/xsl" href="tomcat-docs.xsl"?>
<document url="changelog.html">
&project;
<properties>
<title>Changelog</title>
<no-comments />
</properties>
<body>
<!--
For guidance on writing changelog entries, see the "Changelog Entries"
section in CONTRIBUTING.md.
Subsection ordering:
General, Catalina, Coyote, Jasper, Cluster, WebSocket, Web applications,
Extras, Tribes, jdbc-pool, Other
Item Ordering:
Fixes having an issue number are sorted by their number, ascending.
There is no ordering by add/update/fix/scode/docs/design.
Other fixed issues are added to the end of the list, chronologically.
They eventually become mixed with the numbered issues (i.e., numbered
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 12.0.0-M1 (markt)" rtext="in development">
<subsection name="General">
<changelog>
<scode>
This release contains all of the changes up to and including those in
Apache Tomcat 11.0.22 plus the additional changes listed below. (markt)
</scode>
<update>
The minimum Java version has been updated to Java 21. (markt)
</update>
</changelog>
</subsection>
<subsection name="Catalina">
<changelog>
<fix>
Lower the log level to debug when OpenSSL initialization fails in
<code>OpenSSLLifecycleListener</code> to avoid stack traces
when <code>libssl.so</code> is not present and to align the behavior
of the <code>isAvailable()</code> check with the
<code>AprLifecycleListener</code> and gracefully fail when natives
are not present. (csutherl)
</fix>
<fix>
Prevent duplicate log messages when clustering JARs are not present on
startup. (csutherl)
</fix>
<add>
Add the Jakarta EE 12 XML schemas. (markt)
</add>
<add>
Add support for the new Servlet API method
<code>HttpServletResponse.sendEarlyHints()</code>. (markt)
</add>
<update>
Remove <code>JDBCAccessLogValve</code> which provides limited
functionality compared to what is expected from an
<code>AccessLog</code> and was not implemented in a scalable way.
(remm)
</update>
<add>
Added support for limiting the number of parameters in HTTP requests through
the new <code>ParameterLimitValve</code>. The valve allows configurable
URL-specific limits on the number of parameters. (dsoumis)
</add>
<fix>
Remove the <code>useAcceptRanges</code> initialisation parameter for
the default servlet. It is now effectively hard coded to
<code>true</code>. (markt)
</fix>
<update>
Change the default for the <code>encodedSolidusHandling</code> attribute
of <strong>Context</strong> from <code>decode</code> to
<code>reject</code>. (markt)
</update>
<fix>
When searching the web application class loader for a resource or
resources by name, align the behaviour with the JRE class loaders and
always return <code>null</code> if the provided name starts with
<code>/</code>. (markt)
</fix>
<update>
Update the default value for the <code>allowPostAsGet</code>
initialisation parameter of the Default servlet from <code>true</code>
to <code>false</code>. This means a direct request (i.e. not a forward
or an include) for a static resource using the POST method will be
rejected by default. (markt)
</update>
<scode>
Calls to <code>HttpServletRequest.getContextPath()</code> now return the
canonical context path for the web application rather than the component
of the request URI presented by the user agent that maps to the context
path. (markt)
</scode>
<update>
Change the default value of the <code>archiveIndexStrategy</code>
attribute of the <code>Resources</code> element from <code>simple</code>
to <code>bloom</code> to improve web application class loading
performance. (markt)
</update>
<update>
Remove regular expression support for the configuration of internal and
trusted proxies for the <code>RemoteIpFilter</code> and
<code>RemoteIpValve</code>. (markt)
</update>
<update>
Remove the <code>RemoteAddrFilter</code> and
<code>RemoteAddrValve</code>. (markt)
</update>
<update>
Change the default for the <code>digestInRfc3112Order</code> attribute
of <code>MessageDigestCredentialHandler</code> from <code>false</code>
to <code>true</code>. (markt)
</update>
<scode>
Add constants to <code>HttpServletResponse</code> for the HTTP status
codes defined in RFC 6585. (markt)
</scode>
<add>
Enhance <code>version.sh</code> and <code>version.bat</code> to display
APR, Tomcat Native, and OpenSSL version information (both APR and FFM
implementations), along with version compatibility warnings and
third-party library version information. (csutherl)
</add>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
<add>
Add support for literal <code>'%'</code> characters in access log
output. Based on pull request <pr>1002</pr> by Fabian Hahn. (markt)
</add>
<fix>
<bug>70038</bug>: <code>Cookie.clone()</code> should also clone internal
attribute map. (markt)
</fix>
</changelog>
</subsection>
<subsection name="Coyote">
<changelog>
<update>
Change the default value of the <code>cookiesWithoutEquals</code>
attribute of the <code>Rfc6265CookieProcessor</code> from
<code>name</code> to <code>ignore</code>. (markt)
</update>
<update>
Remove default password value (was <code>changeit</code>) for the
<code>certificateKeystorePassword</code> attribute of a certificate.
(remm)
</update>
<update>
Remove NIO2 connector. (remm)
</update>
<update>
Add specific certificate selection code for TLS 1.3 supporting post
quantum cryptography. Certificates defined with type
<code>MLDSA</code> will be selected depending on the TLS client hello.
(remm)
</update>
<update>
Add <code>groups</code> attribute on <code>SSLHostConfig</code>
allowing to restrict which groups can be enabled on the SSL engine.
(remm)
</update>
<update>
Remove support for HTTP 0.9. (markt)
</update>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
<subsection name="Jasper">
<changelog>
<add>
Add support for the new Elvis (<code>:?</code>) and Null coalescing
(<code>??</code>) operators in Jakarta Expression language. (markt)
</add>
<add>
Extend the existing <code>+=</code> operator in Jakarta Expression
Language to support merging <code>Map</code> and <code>Set</code>
and concatenating <code>List</code>s. (markt)
</add>
<update>
The defaults for <code>compilerSourceVM</code> and
<code>compilerTargetVM</code> have been updated to 21 to align with Java
21 being the minimum Java version required for Tomcat 12. (markt)
</update>
<scode>
Refactor the performance optimisation for
<code>jakarta.servlet.jsp.el.ImportELResolver</code> to use the new
marker class,
<code>jakarta.el.ELResolver.StandaloneIdentifierMarker</code>. (markt)
</scode>
<add>
Extend the support for relational operators to include
<code>TemporalAccessor</code>, <code>Clock</code> and <code>Date</code>.
(markt)
</add>
<add>
Add support for coercion to <code>java.time.Instant</code> and
<code>java.util.Date</code>. (markt)
</add>
<add>
Add support for <code>java.util.Optional</code> to the empty operator.
(markt)
</add>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
<subsection name="Cluster">
<changelog>
<scode>
Change the default algorithm for the <code>EncryptInterceptor</code> to
<code>AES/GCM/NoPadding</code>. (markt)
</scode>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
<subsection name="WebSocket">
<changelog>
<update>
Update Tomcat's WebSocket support to version 2.3 of the Jakarta
WebSocket API. (markt)
</update>
<add>
Implement the new <code>HandshakeRequest</code> method,
<code>getUserX509CertificateChain()</code> that provides the client
certificate chain, if present, during the WebSocket handshake. (markt)
</add>
<fix>
Implement the clarification in WebSocket 2.3 that the method
<code>ClientEndpointConfig.Configurator.afterResponse()</code> must be
called after every WebSocket handshake regardless of whether the
handshake is successful or not. (markt)
</fix>
<add>
Implement the new <code>HandshakeRequest</code> methods that expose the
client's preferred local and the local and remote host name, address and
port information. (markt)
</add>
<fix>
<bug>69920</bug>: When attempting to write a message via a WebSocket
session that has been closed, throw an <code>IOException</code> rather
than an <code>IllegalStateExcpetion</code> for consistency with
<code>Writer</code> and <code>OutputStream</code>. (markt)
</fix>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
<subsection name="Web applications">
<changelog>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
<add>
Manager: Add checks to ensure that any uploaded files are uploaded to
the expected location. (markt)
</add>
<add>
Manager: Add checks to ensure that the requested context path for a
deployed WAR, directory or descriptor file is valid. (markt)
</add>
</changelog>
</subsection>
<subsection name="jdbc-pool">
<changelog>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
<subsection name="Other">
<changelog>
<add>
Add test profile system for selective test execution. Profiles can be
specified via <code>-Dtest.profile=&lt;name&gt;</code> to run specific
test subsets without using patterns directly. Profile patterns are
defined in <code>test-profiles.properties</code>. (csutherl)
</add>
<update>
Update Derby to 10.17.1.0. (markt)
</update>
<add>
Add warning when OpenSSL binary is not found. (csutherl)
</add>
<add>
Add check for Tomcat Native library, and log warning when it's not found
to make it easier to see when it's not used by the suite. (csutherl)
</add>
<!-- Entries for backport and removal before 12.0.0-M1 below this line -->
</changelog>
</subsection>
</section>
</body>
</document>