svn commit: r1044255 - /tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
Author: markt
Date: Fri Dec 10 09:47:05 2010
New Revision: 1044255
URL: http://svn.apache.org/viewvc?rev=1044255view=rev
Log:
Fix FindBugs / unused code warnings
Modified:
tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
Modified: tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1044255r1=1044254r2=1044255view=diff
==
--- tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Fri Dec
10 09:47:05 2010
@@ -184,7 +184,7 @@ public class DefaultServlet
/**
* Proxy directory context.
*/
-protected ProxyDirContext resources = null;
+protected transient ProxyDirContext resources = null;
/**
@@ -2158,12 +2158,17 @@ public class DefaultServlet
if (debug 10)
log(Serving bytes: + start + - + end);
+long skipped = 0;
try {
-istream.skip(start);
+skipped = istream.skip(start);
} catch (IOException e) {
return e;
}
-
+if (skipped start) {
+return new IOException(sm.getString(defaultservlet.skipfail,
+Long.valueOf(skipped), Long.valueOf(start)));
+}
+
IOException exception = null;
long bytesToRead = end - start + 1;
@@ -2206,11 +2211,16 @@ public class DefaultServlet
protected IOException copyRange(Reader reader, PrintWriter writer,
long start, long end) {
+long skipped = 0;
try {
-reader.skip(start);
+skipped = reader.skip(start);
} catch (IOException e) {
return e;
}
+if (skipped start) {
+return new IOException(sm.getString(defaultservlet.skipfail,
+Long.valueOf(skipped), Long.valueOf(start)));
+}
IOException exception = null;
long bytesToRead = end - start + 1;
@@ -2244,7 +2254,7 @@ public class DefaultServlet
// -- Range Inner Class
-protected class Range {
+protected static class Range {
public long start;
public long end;
@@ -2256,17 +2266,7 @@ public class DefaultServlet
public boolean validate() {
if (end = length)
end = length - 1;
-return ( (start = 0) (end = 0) (start = end)
- (length 0) );
+return (start = 0) (end = 0) (start = end) (length
0);
}
-
-public void recycle() {
-start = 0;
-end = 0;
-length = 0;
-}
-
}
-
-
}
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1044264 - /tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
Author: markt
Date: Fri Dec 10 10:06:44 2010
New Revision: 1044264
URL: http://svn.apache.org/viewvc?rev=1044264view=rev
Log:
Missed file in r1044255
Modified:
tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
Modified: tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties?rev=1044264r1=1044263r2=1044264view=diff
==
--- tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/LocalStrings.properties Fri
Dec 10 10:06:44 2010
@@ -18,6 +18,7 @@ defaultservlet.directorylistingfor=Direc
defaultservlet.upto=Up to:
defaultservlet.subdirectories=Subdirectories:
defaultservlet.files=Files:
+defaultservlet.skipfail=Only skipped [{0}] bytes when [{1}] were requested
webdavservlet.jaxpfailed=JAXP initialization failed
webdavservlet.enternalEntityIgnored=The request included a reference to an
external entity with PublicID {0} and SystemID {1} which was ignored
directory.filename=Filename
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1044266 - in /tomcat/trunk: java/org/apache/catalina/servlets/DefaultServlet.java webapps/docs/changelog.xml
Author: markt
Date: Fri Dec 10 10:11:38 2010
New Revision: 1044266
URL: http://svn.apache.org/viewvc?rev=1044266view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50413
Ensure 304s are not returned when using static files as error pages
Modified:
tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java?rev=1044266r1=1044265r2=1044266view=diff
==
--- tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/servlets/DefaultServlet.java Fri Dec
10 10:11:38 2010
@@ -792,6 +792,9 @@ public class DefaultServlet
}
}
+boolean isError =
+response.getStatus() = HttpServletResponse.SC_BAD_REQUEST;
+
// Check if the conditions specified in the optional If headers are
// satisfied.
if (cacheEntry.context == null) {
@@ -799,8 +802,8 @@ public class DefaultServlet
// Checking If headers
boolean included =
(request.getAttribute(Globals.INCLUDE_CONTEXT_PATH_ATTR) !=
null);
-if (!included
- !checkIfHeaders(request, response, cacheEntry.attributes)) {
+if (!included !isError
+!checkIfHeaders(request, response, cacheEntry.attributes))
{
return;
}
@@ -828,21 +831,23 @@ public class DefaultServlet
contentType = text/html;charset=UTF-8;
} else {
-if (useAcceptRanges) {
-// Accept ranges header
-response.setHeader(Accept-Ranges, bytes);
+if (!isError) {
+if (useAcceptRanges) {
+// Accept ranges header
+response.setHeader(Accept-Ranges, bytes);
+}
+
+// Parse range specifier
+ranges = parseRange(request, response, cacheEntry.attributes);
+
+// ETag header
+response.setHeader(ETag, cacheEntry.attributes.getETag());
+
+// Last-Modified header
+response.setHeader(Last-Modified,
+cacheEntry.attributes.getLastModifiedHttp());
}
-// Parse range specifier
-ranges = parseRange(request, response, cacheEntry.attributes);
-
-// ETag header
-response.setHeader(ETag, cacheEntry.attributes.getETag());
-
-// Last-Modified header
-response.setHeader(Last-Modified,
-cacheEntry.attributes.getLastModifiedHttp());
-
// Get content length
contentLength = cacheEntry.attributes.getContentLength();
// Special case for zero length files, which would cause a
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1044266r1=1044265r2=1044266view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Dec 10 10:11:38 2010
@@ -122,6 +122,10 @@
codeStore/code associated with a codePersistentManager/code.
(markt)
/fix
+ fix
+bug50413/bug: Ensure 304 responses are not returned when using
+static files as error pages. (markt)
+ /fix
/changelog
/subsection
subsection name=Coyote
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50413] Tomcat returns 304 instead of 404 response for static custom 404 error file
https://issues.apache.org/bugzilla/show_bug.cgi?id=50413 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #2 from Mark Thomas ma...@apache.org 2010-12-10 05:11:55 EST --- Thanks for the report. This has been fixed in 7.0.x and will be included in 7.0.6 onwards. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50451] New: Apache Server Dont Start
https://issues.apache.org/bugzilla/show_bug.cgi?id=50451 Summary: Apache Server Dont Start Product: Tomcat 6 Version: 6.0.20 Platform: PC Status: NEW Severity: major Priority: P2 Component: Catalina AssignedTo: dev@tomcat.apache.org ReportedBy: vaghela_shreya...@yahoo.com Created an attachment (id=26392) -- (https://issues.apache.org/bugzilla/attachment.cgi?id=26392) Error after installtin Tomcat 6 This is to let you all know that, after installing Apache Tomcat 6.0.20 in System and restarting system, i got error message displaying. ACCESS IS DENIED - UNABLE TO OPEN THE SERVICE 'TOMCAT8' You can find attachment as well. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50451] Apache Server Dont Start
https://issues.apache.org/bugzilla/show_bug.cgi?id=50451 King vaghela_shreya...@yahoo.com changed: What|Removed |Added CC||vaghela_shreya...@yahoo.com OS/Version||All -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50451] Apache Server Dont Start
https://issues.apache.org/bugzilla/show_bug.cgi?id=50451 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID --- Comment #1 from Mark Thomas ma...@apache.org 2010-12-10 08:06:08 EST --- Bugzilla is not a support forum. Please use the users mailing list. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50452] New: java.net.SocketTimeoutException: Exception filling buffer with data from underlying input stream: not an EAGAIN status, so perhaps disconnected client?
https://issues.apache.org/bugzilla/show_bug.cgi?id=50452 Summary: java.net.SocketTimeoutException: Exception filling buffer with data from underlying input stream: not an EAGAIN status, so perhaps disconnected client? Product: Tomcat 5 Version: 5.5.25 Platform: PC Status: NEW Severity: major Priority: P2 Component: Connector:HTTP AssignedTo: dev@tomcat.apache.org ReportedBy: mo...@hotmail.com I am seeing this with POST requests for uploading large files 2gb to tomcat. Our application frequently needs to handle such large file transfers. I am running tomcat 5.5.25 with the following: java:jdk 1.5.0_13 (32-bit) tcnative:1.1.20 Windows: Win7 64-bit, Win7 32-bit, 2008 64-bit. The OS doesn't seem relevant it happens on all of them. Below is the stack trace: 2010-12-09 22:40:33,758 [http-0.0.0.0-9090-2] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/backup].[rcosFileService] - Servlet.service() for servlet rcosFileService threw exception java.net.SocketTimeoutException: Exception filling buffer with data from underlying input stream: not an EAGAIN status, so perhaps disconnected client? at org.apache.coyote.http11.InternalAprInputBuffer.fill(InternalAprInputBuffer.java:827) at org.apache.coyote.http11.InternalAprInputBuffer$SocketInputBuffer.doRead(InternalAprInputBuffer.java:858) at org.apache.coyote.http11.filters.IdentityInputFilter.doRead(IdentityInputFilter.java:116) at org.apache.coyote.http11.InternalAprInputBuffer.doRead(InternalAprInputBuffer.java:773) at org.apache.coyote.Request.doRead(Request.java:419) at org.apache.catalina.connector.InputBuffer.realReadBytes(InputBuffer.java:265) at org.apache.tomcat.util.buf.ByteChunk.substract(ByteChunk.java:403) at org.apache.catalina.connector.InputBuffer.read(InputBuffer.java:280) at org.apache.catalina.connector.CoyoteInputStream.read(CoyoteInputStream.java:193) at java.nio.channels.Channels$ReadableByteChannelImpl.read(Channels.java:196) at com.ringcube.vdas.util.nio.NIOUtils.channelCopy(NIOUtils.java:33) at com.ringcube.vdas.rcos.handler.impl.PutPathHandler.handleRangeRequest(PutPathHandler.java:90) at com.ringcube.vdas.rcos.handler.PathHandler.handlePath(PathHandler.java:116) at com.ringcube.vdas.service.impl.ObjectStoreService.doExecute(ObjectStoreService.java:112) at com.ringcube.vdas.service.impl.BaseService.execute(BaseService.java:44) at com.ringcube.vdas.servlet.BurritoServlet.service(BurritoServlet.java:71) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) at com.ringcube.vdas.security.filters.RCOSAuthenticationFilter.doFilterHttp(RCOSAuthenticationFilter.java:58) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:834) at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:640) at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1286) at java.lang.Thread.run(Thread.java:595) This maybe be a duplicate or may have been resolved. I just' can't tell when from the Tomcat 5.x changelogs. Any help would be appreciated. Thank you. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You
svn commit: r1044359 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/manager/ java/org/apache/catalina/session/ webapps/docs/
Author: markt
Date: Fri Dec 10 13:54:16 2010
New Revision: 1044359
URL: http://svn.apache.org/viewvc?rev=1044359view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50448
Regression caused by http://svn.apache.org/viewvc?view=revisionrevision=1036281
Modified:
tomcat/trunk/java/org/apache/catalina/Session.java
tomcat/trunk/java/org/apache/catalina/manager/DummyProxySession.java
tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java
tomcat/trunk/java/org/apache/catalina/session/StandardSession.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/Session.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/Session.java?rev=1044359r1=1044358r2=1044359view=diff
==
--- tomcat/trunk/java/org/apache/catalina/Session.java (original)
+++ tomcat/trunk/java/org/apache/catalina/Session.java Fri Dec 10 13:54:16 2010
@@ -90,6 +90,13 @@ public interface Session {
/**
+ * Return the creation time for this session, bypassing the session
validity
+ * checks.
+ */
+public long getCreationTimeInternal();
+
+
+/**
* Set the creation time for this session. This method is called by the
* Manager when an existing Session instance is reused.
*
Modified: tomcat/trunk/java/org/apache/catalina/manager/DummyProxySession.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/DummyProxySession.java?rev=1044359r1=1044358r2=1044359view=diff
==
--- tomcat/trunk/java/org/apache/catalina/manager/DummyProxySession.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/manager/DummyProxySession.java Fri
Dec 10 13:54:16 2010
@@ -64,6 +64,11 @@ public class DummyProxySession implement
}
@Override
+public long getCreationTimeInternal() {
+return 0;
+}
+
+@Override
public String getId() {
return sessionId;
}
Modified: tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java?rev=1044359r1=1044358r2=1044359view=diff
==
--- tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java (original)
+++ tomcat/trunk/java/org/apache/catalina/session/ManagerBase.java Fri Dec 10
13:54:16 2010
@@ -799,7 +799,8 @@ public abstract class ManagerBase extend
// the manager because it is being persisted - update the expired stats
if (update) {
long timeNow = System.currentTimeMillis();
-int timeAlive = (int) ((timeNow - session.getCreationTime())/1000);
+int timeAlive =
+(int) (timeNow - session.getCreationTimeInternal())/1000;
updateSessionMaxAliveTime(timeAlive);
expiredSessions.incrementAndGet();
SessionTiming timing = new SessionTiming(timeNow, timeAlive);
Modified: tomcat/trunk/java/org/apache/catalina/session/StandardSession.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/session/StandardSession.java?rev=1044359r1=1044358r2=1044359view=diff
==
--- tomcat/trunk/java/org/apache/catalina/session/StandardSession.java
(original)
+++ tomcat/trunk/java/org/apache/catalina/session/StandardSession.java Fri Dec
10 13:54:16 2010
@@ -1102,6 +1102,16 @@ public class StandardSession implements
/**
+ * Return the time when this session was created, in milliseconds since
+ * midnight, January 1, 1970 GMT, bypassing the session validation checks.
+ */
+@Override
+public long getCreationTimeInternal() {
+return this.creationTime;
+}
+
+
+/**
* Return the ServletContext to which this session belongs.
*/
@Override
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1044359r1=1044358r2=1044359view=diff
==
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Dec 10 13:54:16 2010
@@ -126,6 +126,10 @@
bug50413/bug: Ensure 304 responses are not returned when using
static files as error pages. (markt)
/fix
+ fix
+bug50448/bug: Fix possible codeIllegalStateException/code
+caused by recent session management refactoring. (markt)
+ /fix
/changelog
/subsection
subsection name=Coyote
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50448] StandardSession.expire causes IllegalStateException: getCreationTime: Session already invalidated
https://issues.apache.org/bugzilla/show_bug.cgi?id=50448 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #1 from Mark Thomas ma...@apache.org 2010-12-10 08:54:50 EST --- Thanks for the report. Fixed in 7.0.x and will be included in 7.0.6 onwards. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50452] java.net.SocketTimeoutException: Exception filling buffer with data from underlying input stream: not an EAGAIN status, so perhaps disconnected client?
https://issues.apache.org/bugzilla/show_bug.cgi?id=50452 Mark Thomas ma...@apache.org changed: What|Removed |Added Status|NEW |RESOLVED Resolution||INVALID OS/Version||All --- Comment #1 from Mark Thomas ma...@apache.org 2010-12-10 08:55:42 EST --- Bugzilla is not a support forum. Please use the users mailing list. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50351] javax.naming.NamingException: No set method found for property: singleton
https://issues.apache.org/bugzilla/show_bug.cgi?id=50351 --- Comment #9 from Christophe Thiébaud christophe.thieb...@sap.com 2010-12-10 09:03:24 EST --- I confirm the patch works for me as well. thanks Christophe -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] New: Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 Summary: Multiple X-Forwarded-For headers not handled by RemoteIP valve Product: Tomcat 6 Version: 6.0.29 Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Catalina AssignedTo: dev@tomcat.apache.org ReportedBy: brett.dellegra...@intact-is.com When a request comes in with multiple X-Forwarded-For headers the RemoteIP valve should be examining all of them in reverse order. As defined by the standard: Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one field-name: field-value pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded. thus: (a) X-Forwarded-For: 192.168.0.3 X-Forwarded-For: 222.234.0.4 Is semantically equivalent to: (b) X-Forwarded-For: 192.168.0.3, 222.234.0.4 However (a) is not handled by the RemoteIP valve as it only ever looks at the first header. For reference, this was raised on the HAproxy mailing list: http://www.formilux.org/archives/haproxy/1012/4122.html and tomcat user's mailing list: http://mail-archives.apache.org/mod_mbox/tomcat-users/201012.mbox/%3c4d022c57.1070...@apache.org%3e Tomcat users suggested raising a bug. Hence this. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 brett.dellegra...@intact-is.com changed: What|Removed |Added CC||brett.dellegra...@intact-is ||.com -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 --- Comment #1 from Jim Riggs j...@riggs.me 2010-12-10 09:39:04 EST --- This is due to RemoteIpValve's use of request.getHeader() rather than the enumeration from request.getHeaders(). I'll try to whip up a patch... -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453
--- Comment #2 from Rainer Jung rainer.j...@kippdata.de 2010-12-10 10:19:00
EST ---
I think there is no given standard concerning whether the first or the last
header is the right one (coming from the closest proxy). The same for a
comma-separated multi-valued header.
mod_remoteip for the Apache Web Server claims:
When multiple, comma delimited remote IP addresses are listed in the header
value, they are processed in Right-to-Left order. Processing halts when a given
remote IP address is not trusted to present the preceeding IP address. The
header field is updated to this remaining list of unconfirmed IP addresses, or
if all IP addresses were trusted, this header is removed from the request
altogether.
In replacing the remote_ip, the module stores the list of intermediate hosts in
a remoteip-proxy-ip-list note, which mod_log_config can record using the
%{remoteip-proxy-ip-list}n format token. If the administrator needs to store
this as an additional header, this same value can also be recording as a header
using the directive RemoteIPProxiesHeader.
So it might be a good idea to handle the IPs from right to left resp. later
headers before earlier ones, as long as the previous IP is trusted.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 --- Comment #3 from Mark Thomas ma...@apache.org 2010-12-10 10:46:07 EST --- RFC2616 is clear on how headers should be combined so order is retained. In short ... X-Forwarded-For : A, B ... X-Forwarded-For : C ... X-Forwarded-For : D, E must be treated exactly the same way as: X-Forwarded-For: A, B, C, D, E Tomcat will return values for a header in the correct order although it may return the above as A, B, C, D, E - I haven't checked. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50413] Tomcat returns 304 instead of 404 response for static custom 404 error file
https://issues.apache.org/bugzilla/show_bug.cgi?id=50413 --- Comment #3 from Konstantin Preißer prei...@web.de 2010-12-10 10:57:33 EST --- (In reply to comment #2) Thanks for the report. This has been fixed in 7.0.x and will be included in 7.0.6 onwards. Thanks :) I would like to note that the same behavior/bug exists in Tomcat 6.0.29 and 5.5.31 as well (I just tested it on these versions). Sorry I didn't that before. Maybe the fix needs to be backported? Cheers Konstantin -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50455] New: Jasper don't detects changes in jsp file if we load de jsp and after we modify the jsp in the same second
https://issues.apache.org/bugzilla/show_bug.cgi?id=50455 Summary: Jasper don't detects changes in jsp file if we load de jsp and after we modify the jsp in the same second Product: Tomcat 7 Version: 7.0.5 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Jasper AssignedTo: dev@tomcat.apache.org ReportedBy: a...@enforex.es If we have a jsp file (not in a war file; just directly in the file system) then we first call the jsp; then it is compiled and executed. But if after this, the jsp file is modified very very fast (by an external process for example), then, jasper does not detect the change and then do not recompile the file, and so on, we do not see the change with the first version. this is because in the class: org/apache/jasper/compiler/Compiler.java in the line 442 is like: 'if (targetLastModified jspRealLastModified)' Why is the error? because in some systems, the method lastModified or getLastModified does not care miliseconds and return units in seconds. Then, if we first compile, and after (in the same second) we modify the jsp file, as the functions ignores miliseconds units, then jspRealLastModified is equals to targetLastModified (BUT IT IS NOT). So I think is that the solution is very simple. Change the condition from: 'if (targetLastModified jspRealLastModified)' to 'if (targetLastModified = jspRealLastModified)' I tried this and it works. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50455] Jasper don't detects changes in jsp file if we load de jsp and after we modify the jsp in the same second
https://issues.apache.org/bugzilla/show_bug.cgi?id=50455 --- Comment #1 from Alejandro Anadon a...@enforex.es 2010-12-10 13:22:51 EST --- (In reply to comment #0) If we have a jsp file (not in a war file; just directly in the file system) then we first call the jsp; then it is compiled and executed. But if after this, the jsp file is modified very very fast (by an external process for example), then, jasper does not detect the change and then do not recompile the file, and so on, we do not see the change with the first version. this is because in the class: org/apache/jasper/compiler/Compiler.java in the line 442 is like: 'if (targetLastModified jspRealLastModified)' Why is the error? because in some systems, the method lastModified or getLastModified does not care miliseconds and return units in seconds. Then, if we first compile, and after (in the same second) we modify the jsp file, as the functions ignores miliseconds units, then jspRealLastModified is equals to targetLastModified (BUT IT IS NOT). So I think is that the solution is very simple. Change the condition from: 'if (targetLastModified jspRealLastModified)' to 'if (targetLastModified = jspRealLastModified)' I tried this and it works. Just only to clarify that when I say 'the method lastModified or getLastModified does not care miliseconds and return units in seconds' I do not mean that the funtion returns seconds.. I mean that if the real time is '1292005037195' it returns '1292005037000' ignoring the 195ms. (The timestamp of creation of the file, In some file systems does this.) I tried to be as much clear as it is posible. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 --- Comment #4 from Christopher Schultz ch...@christopherschultz.net 2010-12-10 14:40:29 EST --- So, should the RemoteIPValve/Filter should be looking at the first X-Forwarded-For (A) or the last X-Forwarded-For (E) address? It sounds like the reporter was expecting E but the spec seems to imply that A should be returned. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 --- Comment #5 from William A. Rowe Jr. wr...@apache.org 2010-12-10 15:24:59 EST --- Rainer, the spec is absolutely clear about precidence, the last (rightmost) value is added by the nearest adjacent proxy to the server agent. Ergo, the first (leftmost) value was added by the proxy closest to the user agent. mod_remoteip uses this in combination of proxy trust metrics to determine how far back to unwind that from the rightmost value. Perhaps only the proxies under the control of the server administrator will be trusted, in which case only the last or near-last value will be used, or perhaps all servers are trusted and any arbitrary value presented by any proxy will be accepted, in which case the first value is used. It entirely depends on what the administrator wants, either trusted values of X-Forwarded-For presented by known proxy agents, or any arbitrary/potentially spammed values. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
DO NOT REPLY [Bug 50453] Multiple X-Forwarded-For headers not handled by RemoteIP valve
https://issues.apache.org/bugzilla/show_bug.cgi?id=50453 --- Comment #6 from Jim Riggs j...@riggs.me 2010-12-10 16:48:05 EST --- (In reply to comment #4) So, should the RemoteIPValve/Filter should be looking at the first X-Forwarded-For (A) or the last X-Forwarded-For (E) address? Chris - It should be looking at them as if they were combined in a single comma-separated list and evaluating them from right-to-left. As Mark said, regardless of how the header(s) are received, it should be treated as X-Forwarded-For: A, B, C, D, E and RemoteIP should trust them in the order E - D - C - B - A. I will make sure that the switch to getHeaders() in my patch does this. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
