DO NOT REPLY [Bug 42409] - Extra response headers not sent when using custom error page

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42409


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|WONTFIX |




--- Additional Comments From [EMAIL PROTECTED]  2007-06-16 19:00 ---
One problem I find with the above code is that if I decide not to use a custom
400 page then my extra header will not be available in the response.  Is there
another solution where it would work regardless of page I use (besides fixing
the bug I guess)?

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r547932 - in /tomcat/tc6.0.x/trunk: java/org/apache/jasper/compiler/ELFunctionMapper.java webapps/docs/changelog.xml

[Remy Maucherat]

Mark Thomas wrote:

Remy Maucherat wrote:

[EMAIL PROTECTED] wrote:

Author: markt
Date: Sat Jun 16 08:39:21 2007
New Revision: 547932

URL: http://svn.apache.org/viewvc?view=rev&rev=547932
Log:
Port fix bug 42643. Prevent creation of duplicate function mapper
variables.

What is the actual diff for this bugfix ? This is unreadable :(


Sorry. I should have split the tabs -> spaces and the fix. The
important stuff is the same as TC5.5:
http://marc.info/?l=tomcat-dev&m=118200695231520&w=2


Ok, thanks. I had thought it was most likely the same one line fix.

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: svn commit: r547932 - in /tomcat/tc6.0.x/trunk: java/org/apache/jasper/compiler/ELFunctionMapper.java webapps/docs/changelog.xml

[Mark Thomas]

Remy Maucherat wrote:
> [EMAIL PROTECTED] wrote:
>> Author: markt
>> Date: Sat Jun 16 08:39:21 2007
>> New Revision: 547932
>>
>> URL: http://svn.apache.org/viewvc?view=rev&rev=547932
>> Log:
>> Port fix bug 42643. Prevent creation of duplicate function mapper
>> variables.
> 
> What is the actual diff for this bugfix ? This is unreadable :(

Sorry. I should have split the tabs -> spaces and the fix. The
important stuff is the same as TC5.5:
http://marc.info/?l=tomcat-dev&m=118200695231520&w=2

Mark

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Proposed simplification of CometEvent

[Costin Manolache]

On 6/15/07, Filip Hanik - Dev Lists <[EMAIL PROTECTED]> wrote:


correction, should read

I can implement inputstream.read() to return 0 on both blocking and non
blocking *Comet events*, (since sockets are always non blocking)




Ok, my mistake - what I really meant to say is:  I am only interested in
Comet if it
behaves similar with non-blocking sockets ( regardless of implementation ),
i.e. read(), write() called inside
a comet servlet will never block.


From the description so far it seems the sandbox version has this property

and the trunk has
an option to make it blocking ( or so I understood from your comments ).

I'm not familiar with the concept of 'non blocking *Comet events*' - never
heard of an event that
blocks or doesn't block before. If you mean that during a comet event read
will be blocking (
based on config or whatever else ) - I think this is a bad design.

Costin

Re: svn commit: r547932 - in /tomcat/tc6.0.x/trunk: java/org/apache/jasper/compiler/ELFunctionMapper.java webapps/docs/changelog.xml

[Remy Maucherat]

[EMAIL PROTECTED] wrote:

Author: markt
Date: Sat Jun 16 08:39:21 2007
New Revision: 547932

URL: http://svn.apache.org/viewvc?view=rev&rev=547932
Log:
Port fix bug 42643. Prevent creation of duplicate function mapper variables.


What is the actual diff for this bugfix ? This is unreadable :(

Rémy

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 42643] - Duplicate JSP function mapper variables

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42643


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2007-06-16 08:39 ---
Thanks for the report. This has been fixed in svn and will be in 5.5.25 and
6.0.14 onwards.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r547932 - in /tomcat/tc6.0.x/trunk: java/org/apache/jasper/compiler/ELFunctionMapper.java webapps/docs/changelog.xml

[markt]

Author: markt
Date: Sat Jun 16 08:39:21 2007
New Revision: 547932

URL: http://svn.apache.org/viewvc?view=rev&rev=547932
Log:
Port fix bug 42643. Prevent creation of duplicate function mapper variables.
Fix various compiler warnings.

Modified:
tomcat/tc6.0.x/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/tc6.0.x/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java?view=diff&rev=547932&r1=547931&r2=547932
==
--- tomcat/tc6.0.x/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java 
(original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/jasper/compiler/ELFunctionMapper.java 
Sat Jun 16 08:39:21 2007
@@ -31,8 +31,7 @@
  */
 
 public class ELFunctionMapper {
-static private int currFunc = 0;
-private ErrorDispatcher err;
+private int currFunc = 0;
 StringBuffer ds;  // Contains codes to initialize the functions mappers.
 StringBuffer ss;  // Contains declarations of the functions mappers.
 
@@ -43,23 +42,21 @@
  * @param page The current compilation unit.
  */
 public static void map(Compiler compiler, Node.Nodes page) 
-   throws JasperException {
+throws JasperException {
 
-   currFunc = 0;
-   ELFunctionMapper map = new ELFunctionMapper();
-   map.err = compiler.getErrorDispatcher();
-   map.ds = new StringBuffer();
-   map.ss = new StringBuffer();
-
-   page.visit(map.new ELFunctionVisitor());
-
-   // Append the declarations to the root node
-   String ds = map.ds.toString();
-   if (ds.length() > 0) {
-   Node root = page.getRoot();
-   new Node.Declaration(map.ss.toString(), null, root);
-   new Node.Declaration("static {\n" + ds + "}\n", null, root);
-   }
+ELFunctionMapper map = new ELFunctionMapper();
+map.ds = new StringBuffer();
+map.ss = new StringBuffer();
+
+page.visit(map.new ELFunctionVisitor());
+
+// Append the declarations to the root node
+String ds = map.ds.toString();
+if (ds.length() > 0) {
+Node root = page.getRoot();
+new Node.Declaration(map.ss.toString(), null, root);
+new Node.Declaration("static {\n" + ds + "}\n", null, root);
+}
 }
 
 /**
@@ -67,182 +64,183 @@
  * for functions, and if found functions mappers are created.
  */
 class ELFunctionVisitor extends Node.Visitor {
-   
-   /**
-* Use a global name map to facilitate reuse of function maps.
-* The key used is prefix:function:uri.
-*/
-   private HashMap gMap = new HashMap();
-
-   public void visit(Node.ParamAction n) throws JasperException {
-   doMap(n.getValue());
-   visitBody(n);
-   }
-
-   public void visit(Node.IncludeAction n) throws JasperException {
-   doMap(n.getPage());
-   visitBody(n);
-   }
-
-   public void visit(Node.ForwardAction n) throws JasperException {
-   doMap(n.getPage());
-   visitBody(n);
-   }
+
+/**
+ * Use a global name map to facilitate reuse of function maps.
+ * The key used is prefix:function:uri.
+ */
+private HashMap gMap = new HashMap();
+
+public void visit(Node.ParamAction n) throws JasperException {
+doMap(n.getValue());
+visitBody(n);
+}
+
+public void visit(Node.IncludeAction n) throws JasperException {
+doMap(n.getPage());
+visitBody(n);
+}
+
+public void visit(Node.ForwardAction n) throws JasperException {
+doMap(n.getPage());
+visitBody(n);
+}
 
 public void visit(Node.SetProperty n) throws JasperException {
-   doMap(n.getValue());
-   visitBody(n);
-   }
+doMap(n.getValue());
+visitBody(n);
+}
 
 public void visit(Node.UseBean n) throws JasperException {
-   doMap(n.getBeanName());
-   visitBody(n);
-   }
+doMap(n.getBeanName());
+visitBody(n);
+}
 
 public void visit(Node.PlugIn n) throws JasperException {
-   doMap(n.getHeight());
-   doMap(n.getWidth());
-   visitBody(n);
-   }
+doMap(n.getHeight());
+doMap(n.getWidth());
+visitBody(n);
+}
 
 public void visit(Node.JspElement n) throws JasperException {
 
-   Node.JspAttribute[] attrs = n.getJspAttributes();
-   for (int i = 0; attrs != null && i < attrs.length; i++) {
-   doMap(attrs[i]);
-   }
-   doMap(n.getNameAttribute());
-   visitBody(n);
-   }
+Node.Js

svn commit: r547930 - in /tomcat: container/tc5.5.x/webapps/docs/changelog.xml jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java

[markt]

Author: markt
Date: Sat Jun 16 08:15:25 2007
New Revision: 547930

URL: http://svn.apache.org/viewvc?view=rev&rev=547930
Log:
Fix bug 42643. Prevent creation of duplicate function mapper variables.

Modified:
tomcat/container/tc5.5.x/webapps/docs/changelog.xml

tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?view=diff&rev=547930&r1=547929&r2=547930
==
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Sat Jun 16 08:15:25 2007
@@ -14,6 +14,32 @@
   
 
 
+
+  
+
+  
+Fix XSS security vulnerability (CVE-2007-2450) in the Manager and Host
+Manager. Reported by Daiki Fukumori. (markt)
+  
+
+  
+  
+
+  
+42643 Prevent creation of duplicate JSP function mapper
+variables. (markt)
+  
+
+  
+  
+
+  
+Fix XSS security vulnerabilities (CVE-2007-2449) in the examples.
+Reported by Toshiharu Sugiyama. (markt)
+  
+
+  
+
 
   
 

Modified: 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java?view=diff&rev=547930&r1=547929&r2=547930
==
--- 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
 (original)
+++ 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
 Sat Jun 16 08:15:25 2007
@@ -23,7 +23,7 @@
 
 /**
  * This class generates functions mappers for the EL expressions in the page.
- * Instead of a global mapper, a mapper is used for ecah call to EL
+ * Instead of a global mapper, a mapper is used for each call to EL
  * evaluator, thus avoiding the prefix overlapping and redefinition
  * issues.
  *
@@ -31,7 +31,7 @@
  */
 
 public class ELFunctionMapper {
-static private int currFunc = 0;
+private int currFunc = 0;
 StringBuffer ds;  // Contains codes to initialize the functions mappers.
 StringBuffer ss;  // Contains declarations of the functions mappers.
 
@@ -44,7 +44,6 @@
 public static void map(Compiler compiler, Node.Nodes page) 
 throws JasperException {
 
-currFunc = 0;
 ELFunctionMapper map = new ELFunctionMapper();
 map.ds = new StringBuffer();
 map.ss = new StringBuffer();



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

svn commit: r547927 - /tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java

[markt]

Author: markt
Date: Sat Jun 16 07:35:18 2007
New Revision: 547927

URL: http://svn.apache.org/viewvc?view=rev&rev=547927
Log:
Tabs -> 8 spaces.

Modified:

tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java

Modified: 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java?view=diff&rev=547927&r1=547926&r2=547927
==
--- 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
 (original)
+++ 
tomcat/jasper/tc5.5.x/src/share/org/apache/jasper/compiler/ELFunctionMapper.java
 Sat Jun 16 07:35:18 2007
@@ -42,22 +42,22 @@
  * @param page The current compilation unit.
  */
 public static void map(Compiler compiler, Node.Nodes page) 
-   throws JasperException {
+throws JasperException {
 
-   currFunc = 0;
-   ELFunctionMapper map = new ELFunctionMapper();
-   map.ds = new StringBuffer();
-   map.ss = new StringBuffer();
-
-   page.visit(map.new ELFunctionVisitor());
-
-   // Append the declarations to the root node
-   String ds = map.ds.toString();
-   if (ds.length() > 0) {
-   Node root = page.getRoot();
-   new Node.Declaration(map.ss.toString(), null, root);
-   new Node.Declaration("static {\n" + ds + "}\n", null, root);
-   }
+currFunc = 0;
+ELFunctionMapper map = new ELFunctionMapper();
+map.ds = new StringBuffer();
+map.ss = new StringBuffer();
+
+page.visit(map.new ELFunctionVisitor());
+
+// Append the declarations to the root node
+String ds = map.ds.toString();
+if (ds.length() > 0) {
+Node root = page.getRoot();
+new Node.Declaration(map.ss.toString(), null, root);
+new Node.Declaration("static {\n" + ds + "}\n", null, root);
+}
 }
 
 /**
@@ -65,182 +65,182 @@
  * for functions, and if found functions mappers are created.
  */
 class ELFunctionVisitor extends Node.Visitor {
-   
-   /**
-* Use a global name map to facilitate reuse of function maps.
-* The key used is prefix:function:uri.
-*/
-   private HashMap gMap = new HashMap();
-
-   public void visit(Node.ParamAction n) throws JasperException {
-   doMap(n.getValue());
-   visitBody(n);
-   }
-
-   public void visit(Node.IncludeAction n) throws JasperException {
-   doMap(n.getPage());
-   visitBody(n);
-   }
-
-   public void visit(Node.ForwardAction n) throws JasperException {
-   doMap(n.getPage());
-   visitBody(n);
-   }
+
+/**
+ * Use a global name map to facilitate reuse of function maps.
+ * The key used is prefix:function:uri.
+ */
+private HashMap gMap = new HashMap();
+
+public void visit(Node.ParamAction n) throws JasperException {
+doMap(n.getValue());
+visitBody(n);
+}
+
+public void visit(Node.IncludeAction n) throws JasperException {
+doMap(n.getPage());
+visitBody(n);
+}
+
+public void visit(Node.ForwardAction n) throws JasperException {
+doMap(n.getPage());
+visitBody(n);
+}
 
 public void visit(Node.SetProperty n) throws JasperException {
-   doMap(n.getValue());
-   visitBody(n);
-   }
+doMap(n.getValue());
+visitBody(n);
+}
 
 public void visit(Node.UseBean n) throws JasperException {
-   doMap(n.getBeanName());
-   visitBody(n);
-   }
+doMap(n.getBeanName());
+visitBody(n);
+}
 
 public void visit(Node.PlugIn n) throws JasperException {
-   doMap(n.getHeight());
-   doMap(n.getWidth());
-   visitBody(n);
-   }
+doMap(n.getHeight());
+doMap(n.getWidth());
+visitBody(n);
+}
 
 public void visit(Node.JspElement n) throws JasperException {
 
-   Node.JspAttribute[] attrs = n.getJspAttributes();
-   for (int i = 0; attrs != null && i < attrs.length; i++) {
-   doMap(attrs[i]);
-   }
-   doMap(n.getNameAttribute());
-   visitBody(n);
-   }
+Node.JspAttribute[] attrs = n.getJspAttributes();
+for (int i = 0; attrs != null && i < attrs.length; i++) {
+doMap(attrs[i]);
+}
+doMap(n.getNameAttribute());
+visitBody(n);
+}
 
 public void visit(Node.UninterpretedTag n) throws JasperException {
 
-   Node.JspAttribute[] attrs = n.getJspAttributes();
-   for (int i = 0; attrs != null && i < attrs.length; i

DO NOT REPLY [Bug 23610] - unknown SSI directives

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=23610


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|REOPENED|RESOLVED
 Resolution||FIXED




--- Additional Comments From [EMAIL PROTECTED]  2007-06-16 07:21 ---
The files were ported to 5.0.x back in September 2004. You need to use 5.0.29
onwards or 5.5.1 onwards.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

DO NOT REPLY [Bug 23610] - unknown SSI directives

[bugzilla]

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=23610


[EMAIL PROTECTED] changed:

   What|Removed |Added

 Status|RESOLVED|REOPENED
 Resolution|WONTFIX |




--- Additional Comments From [EMAIL PROTECTED]  2007-06-16 06:59 ---
The Tomcat and Apache documentation states that these directives are
available It is my opinion that this should be fixed -or- the documentation
amended. 

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug, or are watching the assignee.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]