1. 36e4312 Use http URL in ASF closer script. by Rainer Jung · 2 years, 8 months ago trunk
  2. 3672343 Ensures that the specified rxBufSize is correctly set to receiver buffer size. by Keiichi Fujino · 2 years, 9 months ago
  3. 4a2e3d9 Fix the maven release deploy task: signing fails by Rainer Jung · 2 years, 9 months ago
  4. e97d800 62527: Revert restriction of JNDI to the java: namespace. by Remy Maucherat · 2 years, 9 months ago
  5. 436722d Update the release date for 8.0.53 by Violeta Georgieva Georgieva · 2 years, 9 months ago
  6. 0dd4d9c Increment version for next dev cycle by Violeta Georgieva Georgieva · 2 years, 10 months ago
  7. 2855cdf Fix typo by Mark Thomas · 2 years, 10 months ago
  8. 6a16fac Implement checksum checks when downloading dependencies that are used to build Tomcat. by Konstantin Kolinko · 2 years, 10 months ago
  9. 42a7487 Fixed a broken perldoc link by Emmanuel Bourg · 2 years, 10 months ago
  10. 07c259a Fixed several links pointing to the documentation of older Tomcat releases by Emmanuel Bourg · 2 years, 10 months ago
  11. 93b4203 Added the new javac release attribute to be able to build Tomcat with recent JDKs without compromising the compatibility with older versions (requires Ant 1.9.8 or later) by Emmanuel Bourg · 2 years, 10 months ago
  12. 06fa776 Use https URLs in the documentation when possible by Emmanuel Bourg · 2 years, 10 months ago
  13. 23d0d83 Updated the Cobertura URL by Emmanuel Bourg · 2 years, 10 months ago
  14. 0427af5 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62476 by Mark Thomas · 2 years, 10 months ago
  15. edb4cd7 Minor updates after comparing 8.0.x with 9.0.x by Mark Thomas · 2 years, 10 months ago
  16. 7d6b6be Java 7 isn't quite as good as Java 8 at inferring generic types. by Mark Thomas · 2 years, 10 months ago
  17. ce522fb Fill in the gaps in the Javadoc by Mark Thomas · 2 years, 10 months ago
  18. 847a9f6 Better super constructor to avoid unused parameter by Mark Thomas · 2 years, 10 months ago
  19. 1efd3f5 Fix Javadoc warnings by Mark Thomas · 2 years, 10 months ago
  20. 6198ee8 Fix generics warnings by Mark Thomas · 2 years, 10 months ago
  21. 4aa3bde Update the internal fork of Commons DBCP 2 to 2.4.0. by Mark Thomas · 2 years, 10 months ago
  22. a7d5dfc Update merge info by Mark Thomas · 2 years, 10 months ago
  23. b731851 Fix IDE warnings after Pool updates by Mark Thomas · 2 years, 10 months ago
  24. 6d5aa81 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62458 by Mark Thomas · 2 years, 10 months ago
  25. 7ddf2a4 Enable host name verification for secure WebSocket client connections by default. by Mark Thomas · 2 years, 10 months ago
  26. 50ff51f Update Tomcat Native to 1.2.17 by Mark Thomas · 2 years, 10 months ago
  27. 286949f When logValidationErrors is set to true, the connection validation error is logged as SEVERE instead of WARNING. by Keiichi Fujino · 2 years, 10 months ago
  28. 7f8869c Fix possible NPE by Mark Thomas · 2 years, 10 months ago
  29. 2933c63 Make JAASRealm mis-configuration more obvious by requiring the authenticated Subject to include at least one Principal of a type specified by userClassNames by Mark Thomas · 2 years, 10 months ago
  30. ce55a53 Correct the logic in MBeanFactory.removeConnector() to ensure that the correct Connector is removed when there are multiple Connectors using different addresses but the same port. by Mark Thomas · 2 years, 10 months ago
  31. 352d845 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62080 by Mark Thomas · 2 years, 10 months ago
  32. 3fbc848 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62391 by Mark Thomas · 2 years, 10 months ago
  33. bf805bd Include ::1 as well as 0:0:0:0:0:0:0:1 in the internal proxy list as APR returns ::1 rather than 0:0:0:0:0:0:0:1. by Mark Thomas · 2 years, 10 months ago
  34. ba52224 Correctly handle the case when the request passes through one or more trustedProxies but no internalProxies. by Mark Thomas · 2 years, 10 months ago
  35. f7069c2 Improve IPv6 validation by ensuring that IPv4-Mapped IPv6 addresses do not contain leading zeros in the IPv4 part. by Mark Thomas · 2 years, 10 months ago
  36. 90da49a Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62389 by Mark Thomas · 2 years, 11 months ago
  37. 65714b4 Add comment to non-static loggers by Mark Thomas · 2 years, 11 months ago
  38. 1fd5add Fix broken test by Mark Thomas · 2 years, 11 months ago
  39. 1e453cc Switch to non-static loggers where there is a possibility of a logger becoming associated with a web application class loader causing log messages to be lost if the web application is stopped. by Mark Thomas · 2 years, 11 months ago
  40. 7607005 Update docs after changes for CVE-2018-8014 by Mark Thomas · 2 years, 11 months ago
  41. 918fd4f When decoding of path parameter failed, make sure to throw DecodeException instead of throwing ArrayIndexOutOfBoundsException. by Keiichi Fujino · 2 years, 11 months ago
  42. f3ba099 Correctly handle an invalid quality value in an Accept-Language header. by Mark Thomas · 2 years, 11 months ago
  43. c60a9de Correctly handle a digest authorization header when one of the hex field values ends the header with in an invalid character. by Mark Thomas · 2 years, 11 months ago
  44. c7a972e Correctly handle a digest authorization header when the user name contains an escaped character. by Mark Thomas · 2 years, 11 months ago
  45. cc27735 Correct the manifest for the annotations-api.jar. The JAR implements the Common Annotations API 1.2 and the manifest should by Mark Thomas · 2 years, 11 months ago
  46. cc40c5c Logs for Filters must be non-static as loggers are created per class-loader and Filters may be used in multiple class loaders. by Mark Thomas · 2 years, 11 months ago
  47. 977d614 Fix javadoc. remove old description. by Keiichi Fujino · 2 years, 11 months ago
  48. c0b67b1 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62395 by Mark Thomas · 2 years, 11 months ago
  49. 1f1e5e7 Ensure that the web application resources implementation does not incorrectly cache results for resources that are only visible as class loader resources. by Mark Thomas · 2 years, 11 months ago
  50. 2c9d843 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62343 by Mark Thomas · 2 years, 11 months ago
  51. 0337a42 Add invalid host names to the error logged by UserDataHelper by Mark Thomas · 2 years, 11 months ago
  52. 420d6e9 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62371 by Mark Thomas · 2 years, 11 months ago
  53. af996bb Relax Host validation by removing the requirement that the final component of a FQDN must be alphabetic. by Mark Thomas · 2 years, 11 months ago
  54. 7b794ae Log an error message if the AJP connector detects the the reverse proxy is sending AJP messages that are too large for the configured packetSize. by Mark Thomas · 3 years ago
  55. bb83fcb Remove duplicate calls when creating a replicated session to reduce the time taken to create the session and thereby reduce the chances of a subsequent session update message being ignored because the session does not yet exist. by Mark Thomas · 3 years ago
  56. ff23a11 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60490 by Mark Thomas · 3 years ago
  57. 152acfc Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=50019 by Mark Thomas · 3 years ago
  58. 4449344 Fix imports by Mark Thomas · 3 years ago
  59. ab1e6dd Towards the fix for BZ 50019 by Mark Thomas · 3 years ago
  60. 5099a92 Clean up. by Mark Thomas · 3 years ago
  61. 2529478 Ensure that JNDI names used for <lookup-name> entries in web.xml and for lookup elements of @Resource annotations specify a name with an explicit java: namespace. by Mark Thomas · 3 years ago
  62. 0463ef6 JNDI resources that are defined with injection targets but no value are now treated as if the resource is not defined. by Mark Thomas · 3 years ago
  63. 7a229c3 Update the release date for 8.0.52 by Violeta Georgieva Georgieva · 3 years ago
  64. cc68d0b Remove unnecessary default property values. by Keiichi Fujino · 3 years ago
  65. 35f62a9 Ensure that the correct default value is returned when retrieve unset properties in McastService. by Keiichi Fujino · 3 years ago
  66. 7b714d3 Refactor org.apache.jasper.runtime.BodyContentImpl so an additional permission is not required in catalina.policy by Konstantin Kolinko · 3 years ago
  67. 049f43e Fix http://bz.apache.org/bugzilla/show_bug.cgi?id=62350 by Konstantin Kolinko · 3 years ago
  68. 56b44f6 When restoring a saved request with a request body after FORM authentication, ensure that calls to the HttpServletRequest methods getRequestURI(), getQueryString() and getProtocol() are not corrupted by the processing of the saved request body. by Mark Thomas · 3 years ago
  69. 9f6811b Correct the processing of resources with <injection-target>s defined in web.xml. First look for a match using JavaBean property names and then, only if a match is not found, look for a match using fields. by Mark Thomas · 3 years ago
  70. 8fc7205 Fix failing tests now mappedName in @Resource does not set the value for env-entry resources. by Mark Thomas · 3 years ago
  71. c1c7191 Use a constant for a repeatedly used String by Mark Thomas · 3 years ago
  72. 5604561 Treat the <mapped-name> element of a <env-entry> in web.xml in the same way as the mappedName element of the equivalent @Resource annotation. Both now attempt to set the mappedName property of the resource. by Mark Thomas · 3 years ago
  73. 32127f3 Modify import controls so they do not overlap which prevents the reversal of deny/allow ordering from causing failures in Gump which uses the latest Checkstyle code. by Mark Thomas · 3 years ago
  74. c381dbe Increment version for next dev cycle by Violeta Georgieva Georgieva · 3 years ago
  75. 8a9229f Fix tests broken by introduction of allowMultipleLeadingForwardSlashInPath by Mark Thomas · 3 years ago
  76. 9e9b7fe Improve handing of overflow in the UTF-8 decoder with supplementary characters. by Mark Thomas · 3 years ago
  77. d3ffb5c Collapse multiple leading '/' characters to a single '/' in the return value of HttpServletRequest#getContextPath() to avoid issues if the value is used with HttpServletResponse#sendRedirect(). This behaviour is enabled by default and configurable via the new Context attribute allowMultipleLeadingForwardSlashInPath. by Mark Thomas · 3 years ago
  78. f7ac344 Avoid warning when running under Cygwin when the JAVA_ENDORSED_DIRS environment variable is not set. Patch provided by Zemian Deng. by Mark Thomas · 3 years ago
  79. 41eca61 Correctly list resources in JAR files when directories do not have dedicated entries. by Mark Thomas · 3 years ago
  80. ed308fc Move to the correct section by Mark Thomas · 3 years ago
  81. 6079bb1 Fix test failures now 8.0.x enforces the requirement that a Host header MUST be present by Mark Thomas · 3 years ago
  82. a677c41 Back-port default port handling that updated validation depends on. (Should fix failing CI build) by Mark Thomas · 3 years ago
  83. 360efc1 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62273 by Mark Thomas · 3 years ago
  84. 4756b72 First step in addressing https://bz.apache.org/bugzilla/show_bug.cgi?id=62273 by Mark Thomas · 3 years ago
  85. 5b59798 Better i18n in request target processing by Mark Thomas · 3 years ago
  86. c5cec7d Implement various Host header checks required by RFC 7230 by Mark Thomas · 3 years ago
  87. 3c2db7f Enable strict host/port validation for all connectors. by Mark Thomas · 3 years ago
  88. 67e1e82 Update the host validation to permit host names and components of domain names (excluding top-level domains) to start with a number and to ensure that top-level domains are fully alphabetic. by Mark Thomas · 3 years ago
  89. 5906b5e Add error messages when exceptions are thrown due to host name parsing issues. by Mark Thomas · 3 years ago
  90. 5263f2e Fix typo and spelling of octet by Mark Thomas · 3 years ago
  91. 7dcf93c Inner enums are implicitly static by Mark Thomas · 3 years ago
  92. 03beb42 Correct various edge cases in the new HTTP Host header validation parser. by Mark Thomas · 3 years ago
  93. c7f74e6 Expand the HttpParser to include Host header validation / port location extraction. by Mark Thomas · 3 years ago
  94. d135de0 Optimise Patch provided by Sebastian Staudt by Mark Thomas · 3 years ago
  95. 3302d75 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62297 by Mark Thomas · 3 years ago
  96. 36631ca Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62301 by Mark Thomas · 3 years ago
  97. 4f4bedd Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62287 by Mark Thomas · 3 years ago
  98. ea8d713 Enable Java 10 to be specified as a JSP source and/or target if a newer ECJ version is used. by Mark Thomas · 3 years ago
  99. fa6cc29 Enable ECJ version 4.7 and later to be used as a drop in replacement for the ECJ version that ships with Apache Tomcat. by Mark Thomas · 3 years ago
  100. ea2bb09 Register MBean when DataSource Resource type=javax.sql.XADataSource. Patch provided by Masafumi Miura. by Coty Sutherland · 3 years ago