On Thu, Oct 29, 2015 at 12:42 AM, Mark Thomas wrote:
> [ ] Continue to use RTC for 6.0.x
> [ X ] Switch 6.0.x to CTR
>
The Buildbot has detected a restored build on builder tomcat-8-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/214
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranch
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-trunk-test-nio2 has an issue affecting its community integration.
T
Author: violetagg
Date: Thu Oct 29 05:42:13 2015
New Revision: 1711179
URL: http://svn.apache.org/viewvc?rev=1711179&view=rev
Log:
Fixed checkstyle violation
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
Modified:
tomcat/tc8.0.x/trunk/java/or
Author: violetagg
Date: Thu Oct 29 05:42:40 2015
New Revision: 1711180
URL: http://svn.apache.org/viewvc?rev=1711180&view=rev
Log:
Fixed checkstyle violation
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/RestCsrfPreventionFilter.java
Modified:
tomcat/tc7.0.x/trunk/java/or
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc8.0.x-validate has an issue affecting its community
integration.
To whom it may engage...
This is an automated request, but not an unsolicited one. For
more information please visit http://gump.apache.org/nagged.html,
and/or contact the folk at gene...@gump.apache.org.
Project tomcat-tc7.0.x-validate has an issue affecting its community
integration.
2015-10-29 1:42 GMT+03:00 Mark Thomas :
> All,
>
> Many years ago, we switched all release branches to RTC primarily to
> address a community problem where we could not agree on the best way
> forward for some parts of the code.
>
> RTC served us well. The disagreements ceased pretty much instantly
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #15 from Konstantin Kolinko ---
One of widely used technologies of using plaintext vs encrypted communication
over the same connection is STARTTLS.
https://en.wikipedia.org/wiki/STARTTLS
It has known weaknesses and I would not rec
2015-10-28 23:42 GMT+01:00 Mark Thomas :
> I would therefore like to propose that we switch the 6.0.x release
> branch from RTC to CTR and am therefore calling a VOTE to make this change.
>
> [ ] Continue to use RTC for 6.0.x
> [X] Switch 6.0.x to CTR
>
> Comments:
- How close is 6.0 from getting
> [ ] Continue to use RTC for 6.0.x
> [X] Switch 6.0.x to CTR
Mark
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
All,
Many years ago, we switched all release branches to RTC primarily to
address a community problem where we could not agree on the best way
forward for some parts of the code.
RTC served us well. The disagreements ceased pretty much instantly.
However, RTC also slowed us down.
The development
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
The Buildbot has detected a new failure on builder tomcat-8-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-8-trunk/builds/213
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchSch
Author: violetagg
Date: Wed Oct 28 20:46:50 2015
New Revision: 1711130
URL: http://svn.apache.org/viewvc?rev=1711130&view=rev
Log:
Merged revision 1709120 from tomcat/trunk:
Basic implementation for CSRF protection for REST.
Documentation will follow.
Added:
tomcat/tc7.0.x/trunk/java/org/apa
2015-10-28 23:03 GMT+03:00 Milo van der Zee :
> Hello Chris,
>
> That is what I did but I expect a lot of people to have this problem. Seeing
> a lot of default valves included I would like to also have this valve as
> default.
>
> public class RequestValve extends ValveBase {
> /**
> * Se
Milo,
On 10/28/15 4:03 PM, Milo van der Zee wrote:
> That is what I did but I expect a lot of people to have this problem.
> Seeing a lot of default valves included I would like to also have this
> valve as default.
-1
Most applications don't need this. It's another layer of code that
doesn't ne
Author: violetagg
Date: Wed Oct 28 20:03:42 2015
New Revision: 174
URL: http://svn.apache.org/viewvc?rev=174&view=rev
Log:
Merged revision 1709120 from tomcat/trunk:
Basic implementation for CSRF protection for REST.
Documentation will follow.
Added:
tomcat/tc8.0.x/trunk/java/org/apa
Hello Chris,
That is what I did but I expect a lot of people to have this problem.
Seeing a lot of default valves included I would like to also have this
valve as default.
public class RequestValve extends ValveBase {
/**
* Session for current thread.
*/
static InheritableTh
Mark,
On 10/28/15 12:34 PM, Mark Thomas wrote:
> On 28/10/2015 13:01, Roel Storms wrote:
>> Hello,
>>
>>
>> I was looking into session management on Tomcat 8.0.29 and found this
>> comment:
>>
>> In apache.catalina.connector.Request method doGetSession(bool) line 2886:
>>
>>* // Attempt t
Milo,
On 10/28/15 4:12 AM, Milo van der Zee wrote:
> With request I mean the 'org.apache.catalina.connector.Request' but this
> implements 'javax.servlet.http.HttpServletRequest'. So, one and the same
> thing for my situation.
> And I don't only want access to that information during authenticatio
Author: violetagg
Date: Wed Oct 28 19:14:42 2015
New Revision: 1711108
URL: http://svn.apache.org/viewvc?rev=1711108&view=rev
Log:
Merged revision 1708957 from tomcat/trunk:
Extract common functionality from CsrfPreventionFilter to
CsrfPreventionFilterBase
Added:
tomcat/tc7.0.x/trunk/java/o
Author: violetagg
Date: Wed Oct 28 19:09:46 2015
New Revision: 1711104
URL: http://svn.apache.org/viewvc?rev=1711104&view=rev
Log:
Merged revision 1708957 from tomcat/trunk:
Extract common functionality from CsrfPreventionFilter to
CsrfPreventionFilterBase
Added:
tomcat/tc8.0.x/trunk/java/o
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #14 from romain.manni-bucau ---
Ok, then close the issue.
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #13 from Remy Maucherat ---
An extend capability is useless as well. There is no guarantee the connectors
design or API will remain stable, so it is just as simple to make whetever
necessary changes to Tomcat as part of the build pr
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #12 from romain.manni-bucau ---
@Mark: there is a discussion - think it is on the list - to make connectors
easier to impl/extend. For me it should be as easy as wrapping HTTP and HTTPs
connectors - = implementing it as a wrapper of
On 28/10/2015 13:01, Roel Storms wrote:
> Hello,
>
>
> I was looking into session management on Tomcat 8.0.29 and found this
> comment:
>
> In apache.catalina.connector.Request method doGetSession(bool) line 2886:
>
>* // Attempt to reuse session id if one was submitted in a cookie*
>
https://bz.apache.org/bugzilla/show_bug.cgi?id=58143
Mark Thomas changed:
What|Removed |Added
CC||marek.stanulew...@gmail.com
--- Comment
https://bz.apache.org/bugzilla/show_bug.cgi?id=58560
Mark Thomas changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bz.apache.org/bugzilla/show_bug.cgi?id=58551
--- Comment #11 from Mark Thomas ---
I remain unconvinced that this feature is a) necessary or b) a good idea.
(In reply to romain.manni-bucau from comment #10)
> Why Tomcat couldn't get this? The code itself is very limited.
Implementing thi
The Buildbot has detected a restored build on builder tomcat-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/540
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchSche
Author: violetagg
Date: Wed Oct 28 15:11:55 2015
New Revision: 1711027
URL: http://svn.apache.org/viewvc?rev=1711027&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
Merged revision 1711026 from tomcat/trunk:
Switch from
request.getContentLength to request.getContentLengthLo
Author: violetagg
Date: Wed Oct 28 15:02:03 2015
New Revision: 1711026
URL: http://svn.apache.org/viewvc?rev=1711026&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
Switch from
request.getContentLength to request.getContentLengthLong
urlConnection.getContentLength to urlCon
The Buildbot has detected a build exception on builder tomcat-trunk while
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/tomcat-trunk/builds/539
Buildbot URL: http://ci.apache.org/
Buildslave for this Build: silvanus_ubuntu
Build Reason: The AnyBranchSch
Author: kkolinko
Date: Wed Oct 28 14:40:41 2015
New Revision: 1711023
URL: http://svn.apache.org/viewvc?rev=1711023&view=rev
Log:
Add @since annotation to request.getContentLengthLong() method and update some
javadocs. This method is since Tomcat 8 / Servlet 3.1.
Merged r1711022 from tomcat/trunk
Author: kkolinko
Date: Wed Oct 28 14:38:59 2015
New Revision: 1711022
URL: http://svn.apache.org/viewvc?rev=1711022&view=rev
Log:
Add @since annotation to request.getContentLengthLong() method and update some
javadocs. This method is since Tomcat 8 / Servlet 3.1.
Modified:
tomcat/trunk/java/
https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
--- Comment #4 from Remy Maucherat ---
Good move, the "efficiency" of the request dumper valve is meaningless, this
issue is really nonsense. However, using the int version may not work properly,
so that's a real fix.
--
You are receiving thi
https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
--- Comment #3 from Violeta Georgieva ---
I switched to request.getContentLengthLong in trunk and Tomcat 8 trunk
--
You are receiving this mail because:
You are the assignee for the bug.
--
Author: violetagg
Date: Wed Oct 28 14:05:19 2015
New Revision: 1711017
URL: http://svn.apache.org/viewvc?rev=1711017&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
Merged revision 1711016 from tomcat/trunk:
Switch from request.getContentLength to request.getContentLengthLon
Author: violetagg
Date: Wed Oct 28 14:02:47 2015
New Revision: 1711016
URL: http://svn.apache.org/viewvc?rev=1711016&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58544
Switch from request.getContentLength to request.getContentLengthLong
Modified:
tomcat/trunk/java/org/apac
https://bz.apache.org/bugzilla/show_bug.cgi?id=58535
Violeta Georgieva changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
Author: violetagg
Date: Wed Oct 28 13:39:17 2015
New Revision: 1711009
URL: http://svn.apache.org/viewvc?rev=1711009&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58535
Merged revision 1711006 from tomcat/trunk:
Use Collections.reverseOrder instead of home made
org.apache.catal
Author: violetagg
Date: Wed Oct 28 13:34:10 2015
New Revision: 1711008
URL: http://svn.apache.org/viewvc?rev=1711008&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58535
Merged revision 1711006 from tomcat/trunk:
Use Collections.reverseOrder instead of home made
org.apache.catal
Author: violetagg
Date: Wed Oct 28 13:27:10 2015
New Revision: 1711006
URL: http://svn.apache.org/viewvc?rev=1711006&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=58535
Use Collections.reverseOrder instead of home made
org.apache.catalina.manager.util.ReverseComparator
Removed
Hello,
I was looking into session management on Tomcat 8.0.29 and found this
comment:
In apache.catalina.connector.Request method doGetSession(bool) line 2886:
* // Attempt to reuse session id if one was submitted in a cookie*
*// Do not reuse the session id if it is from a URL,
Author: remm
Date: Wed Oct 28 10:24:08 2015
New Revision: 1710980
URL: http://svn.apache.org/viewvc?rev=1710980&view=rev
Log:
Remove TODO that will never be done.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
Modified:
tomcat/trunk/java/org/apache/tomcat/
https://bz.apache.org/bugzilla/show_bug.cgi?id=58560
--- Comment #2 from Andrei Ivanov ---
See https://jira.spring.io/browse/SPR-13210
--
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe,
https://bz.apache.org/bugzilla/show_bug.cgi?id=58560
marek.stanulew...@gmail.com changed:
What|Removed |Added
OS||All
--- Comment #1 from m
https://bz.apache.org/bugzilla/show_bug.cgi?id=58560
Bug ID: 58560
Summary: Load time weaving not working in struts2 action
classes
Product: Tomcat 7
Version: 7.0.64
Hardware: PC
Status: NEW
Severity:
https://bz.apache.org/bugzilla/show_bug.cgi?id=58530
--- Comment #6 from Ognjen Blagojevic ---
(In reply to Remy Maucherat from comment #5)
> In the "code" there are a lot of style left in the HTML, I suppose this will
> move away right ?
Right.
--
You are receiving this mail because:
You are
https://bz.apache.org/bugzilla/show_bug.cgi?id=58508
--- Comment #4 from Violeta Georgieva ---
Hello,
The issue is fixed for Tomcat 7 and Tomcat 8.
We moved the issue to Tomcat 6 and proposed a fix there, because of this the
version now is Tomcat 6.
Regards,
Violeta
--
You are receiving this
https://bz.apache.org/bugzilla/show_bug.cgi?id=58508
--- Comment #3 from Fred 33 ---
Bonjour,
the version of my tomcat server is 7.057 , and not 6.x
Regards
Frederic
--
You are receiving this mail because:
You are the assignee for the bug.
--
.gz=/srv/gump/public/workspace/apache-commons/daemon/dist/bin/commons-daemon-20151028-native-src.tar.gz
-Dexamples.sources.skip=true
-Djdt.jar=/srv/gump/packages/eclipse/plugins/R-4.5-201506032000/ecj-4.5.jar
-Dtest.apr.loc=/srv/gump/public/workspace/tomcat-native-trunk/dest-20151028/lib
-Dt
Hello Chris,
With request I mean the 'org.apache.catalina.connector.Request' but this
implements 'javax.servlet.http.HttpServletRequest'. So, one and the same
thing for my situation.
And I don't only want access to that information during authentication
but it can also be used to pass informat
https://bz.apache.org/bugzilla/show_bug.cgi?id=58530
--- Comment #5 from Remy Maucherat ---
I guess it looks better now.
In the "code" there are a lot of style left in the HTML, I suppose this will
move away right ?
--
You are receiving this mail because:
You are the assignee for the bug.
---
55 matches
Mail list logo