This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push: new 979ad3661f Document processorCache disable 979ad3661f is described below commit 979ad3661f3314cae21b3b118d92b301f826b99a Author: remm <r...@apache.org> AuthorDate: Mon Jun 10 12:14:31 2024 +0200 Document processorCache disable This avoids object reuse so could be good for some additional level of security, at a very significant performance cost in many cases. --- webapps/docs/config/http.xml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml index c6beb0e130..eb7f5c21c3 100644 --- a/webapps/docs/config/http.xml +++ b/webapps/docs/config/http.xml @@ -623,11 +623,16 @@ <attribute name="processorCache" required="false"> <p>The protocol handler caches Processor objects to speed up performance. This setting dictates how many of these objects get cached. - <code>-1</code> means unlimited, default is <code>200</code>. If not using - Servlet 3.0 asynchronous processing, a good default is to use the same as - the maxThreads setting. If using Servlet 3.0 asynchronous processing, a - good default is to use the larger of maxThreads and the maximum number of - expected concurrent requests (synchronous and asynchronous).</p> + <code>-1</code> means unlimited, default is <code>200</code>. + <code>0</code> means no request processor reuse. This has a very + significant impact on performance depending on the workload, but gives + additional security guarantees by avoidoing reuse of all request + processing objects. + If not using Servlet 3.0 asynchronous processing, an appropriate value + is to use the same as the maxThreads setting. If using Servlet 3.0 + asynchronous processing, an appropriate value is to use the larger + of maxThreads and the maximum number of expected concurrent requests + (synchronous and asynchronous).</p> </attribute> <attribute name="rejectIllegalHeader" required="false"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org