blob: 3c639a3fa3b99de6f383aec92bc9506b61dddcec [file] [log] [blame]
================================================================================
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================================================
$Id$
=================================
Apache Tomcat 5.5 Patch Proposals
=================================
PATCHES ACCEPTED TO BACKPORT FROM TRUNK/OTHER:
[ start all new proposals below, under PATCHES PROPOSED. ]
PATCHES PROPOSED TO BACKPORT:
[ New proposals should be added at the end of the list ]
* Implement maxHeaderCount attribute on HTTP Connectors.
It is equivalent of LimitRequestFields directive of Apache HTTPD
See r1356239 in Tomcat 6.
Notes:
1. Implemented for HTTP protocol only. (MimeHeaders.setLimit() is called
by HTTP protocol processors only).
I suppose that users of AJP can leverage the LimitRequestFields directive
in Apache HTTPD server.
2. The feature is manageable through JMX on the ProtocolHandler MBean.
Unlike later Tomcat versions, I did not add setter/getter methods to
Connector class and did not expose the property on Connector MBean.
Note that Catalina MBeans are not visible in Tomcat 5.5 by default.
See r1356696 for instructions.
3. To test the feature one can use
http://localhost:8080/servlets-examples/servlet/RequestHeaderExample
Refreshing the page in Firefox changes the number of headers in incoming request
(adds 'cache-control' for "F5" refresh, adds 'pragma=no-cache' for "Ctrl+F5" refresh).
Patch:
http://people.apache.org/~kkolinko/patches/2012-07-03_tc55_maxHeaderCount_v1.patch
+1: kkolinko, markt
-1:
* Various DIGEST improvements ported from Tomcat 7
http://people.apache.org/~markt/patches/2012-08-28-digest-tc5.patch
+1: markt, kkolinko
-1:
* Remove unneeded handling of FORM authentication in RealmBase
http://svn.apache.org/viewvc?rev=1377887&view=rev
(r1377892 in 7.0)
+1: kkolinko, markt
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=42181
A. Better handling of edge conditions in chunk header processing (BZ 42181)
B. Improve chunk header parsing. Properly ignore chunk-extension suffix,
not trying to parse digits contained in it. Reject chunks whose header is
incorrect. (backport of r423453)
https://issues.apache.org/bugzilla/attachment.cgi?id=29295
+1: kkolinko, markt
-1:
* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=53830
Better handling of Manager.randomFile default value on Windows
https://issues.apache.org/bugzilla/attachment.cgi?id=29331
+1: kkolinko, markt
-1: