This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push: new b9e04c9323 Document processorCache disable b9e04c9323 is described below commit b9e04c93235ee62d819f00a8ae1008601d1c90e1 Author: remm <r...@apache.org> AuthorDate: Mon Jun 10 12:14:31 2024 +0200 Document processorCache disable This avoids object reuse so could be good for some additional level of security, at a very significant performance cost in many cases. --- webapps/docs/config/http.xml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml index d11f51c893..4303a28f8b 100644 --- a/webapps/docs/config/http.xml +++ b/webapps/docs/config/http.xml @@ -609,11 +609,16 @@ <attribute name="processorCache" required="false"> <p>The protocol handler caches Processor objects to speed up performance. This setting dictates how many of these objects get cached. - <code>-1</code> means unlimited, default is <code>200</code>. If not using - Servlet 3.0 asynchronous processing, a good default is to use the same as - the maxThreads setting. If using Servlet 3.0 asynchronous processing, a - good default is to use the larger of maxThreads and the maximum number of - expected concurrent requests (synchronous and asynchronous).</p> + <code>-1</code> means unlimited, default is <code>200</code>. + <code>0</code> means no request processor reuse. This has a very + significant impact on performance depending on the workload, but gives + additional security guarantees by avoidoing reuse of all request + processing objects. + If not using Servlet 3.0 asynchronous processing, an appropriate value + is to use the same as the maxThreads setting. If using Servlet 3.0 + asynchronous processing, an appropriate value is to use the larger + of maxThreads and the maximum number of expected concurrent requests + (synchronous and asynchronous).</p> </attribute> <attribute name="rejectIllegalHeader" required="false"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org