| ================================================================================ |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| ================================================================================ |
| |
| $Id$ |
| |
| ================================= |
| Apache Tomcat 5.5 Patch Proposals |
| ================================= |
| |
| PATCHES ACCEPTED TO BACKPORT FROM TRUNK/OTHER: |
| [ start all new proposals below, under PATCHES PROPOSED. ] |
| |
| * Make configuration issue for RemoteAddrValve, RemoteHostValve result |
| in the failure of the valve rather than just a warning message. |
| Ensure changes to the configuration of these valves via JMX are thread-safe. |
| Refactor value matching logic into separate method. |
| Expose the new method isAllowed and isAllowValid, isDenyValid properties through JMX. |
| It is based on r1189256 and r1187027, r1198622 |
| (r1189258, r1187029, r1198623 in TC7) |
| http://people.apache.org/~kkolinko/patches/2011-11-08_tc55_RequestFilterValve_v4.patch |
| +1: kkolinko,funkman,jim |
| -1: |
| |
| kkolinko: It does its work and prevents app from starting and working. Though |
| 1. Autodeployment prints the same error every 10s. It is OK, though a |
| bit annoying. |
| 2. Application that failed to start responds with 403. I do not |
| understand why. I would expect 404 or 503. |
| 3. Application that failed to start is not listed by the manager app. |
| It is expected, but does not explain why error 403 and not 404 is observed. |
| |
| * Improve performance of parameter processing |
| <add> |
| Improve performance of parameter processing for GET and POST requests. |
| Also add an option to limit the maximum number of parameters processed |
| per request. This defaults to 10000. Excessive parameters are ignored. |
| Note that <code>FailedRequestFilter</code> can be used to reject the |
| request if some parameters were ignored. (markt/kkolinko) |
| </add> |
| <add> |
| New filter <code>FailedRequestFilter</code> that will reject a request |
| if there were errors during HTTP parameter parsing. (kkolinko) |
| </add> |
| Before the patch: |
| Should be created by patch tool automatically, but just to be sure: |
| mkdir container/catalina/src/share/org/apache/catalina/filters |
| svn add container/catalina/src/share/org/apache/catalina/filters |
| Apply patch: |
| http://people.apache.org/~kkolinko/patches/2011-11-17_tc55_parameters-v5.patch |
| After the patch: |
| svn propset svn:eol-style native connectors/util/java/org/apache/tomcat/util/http/LocalStrings.properties |
| svn propset svn:eol-style native container/catalina/src/share/org/apache/catalina/filters/FailedRequestFilter.java |
| svn propset svn:eol-style native container/webapps/docs/config/filter.xml |
| +1: kkolinko, markt, funkman, jim |
| -1: |
| |
| * Align %2f handling between implementations of UDecoder.convert() |
| http://svn.apache.org/viewvc?rev=1203091&view=rev |
| +1: kkolinko, markt, funkman, jim |
| -1: |
| |
| * Remove obsolete build.xml file that was used to download source tree. |
| References to it were removed from build instructions in r1202235 |
| |
| 1. svn del build/resources/build.xml |
| 2. apply patch: |
| http://people.apache.org/~kkolinko/patches/2011-11-15_tc55_build.patch |
| +1: kkolinko, rjung, markt, jim |
| -1: |
| |
| * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52225 |
| Fix ClassCastException in Alias added for existing host via JMX |
| http://svn.apache.org/viewvc?rev=1204856&view=rev |
| (without tests; it is r1204860 in TC7) |
| +1: kkolinko, markt, funkman, jim |
| -1: |
| |
| * Do not throw IllegalArgumentException from parseParameters() call when |
| chunked POST request is too large, but treat it like an IO error. |
| http://svn.apache.org/viewvc?rev=1206200&view=rev |
| (without tests; it is r1206205 in TC7) |
| +1: kkolinko, markt,funkman, jim |
| -1: |
| |
| * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=52335 |
| Only handle <\% and not \% as escaped in template text. |
| http://svn.apache.org/viewvc?rev=1215121&view=rev |
| +1: markt, funkman, jim |
| -1: |
| |
| PATCHES PROPOSED TO BACKPORT: |
| [ New proposals should be added at the end of the list ] |
| |