-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 12/12/19 04:38, Mark Thomas wrote: > On 11/12/2019 19:17, Christopher Schultz wrote: >> On 12/11/19 13:01, Mark Thomas wrote: > > <snip/> > >>> Setting RECYCLE_FACADES=true does exactly that. Continued used >>> by the app triggers an NPE since the underlying >>> request/response is no longer there. Hence my question. >> >> RequestFacade currently has a number of methods that perform >> null-checks on the "request" member, but not all methods do this. >> Exampl e: >> >> @Override public ServletContext getServletContext() { if (request >> == null) { throw new IllegalStateException( >> sm.getString("requestFacade.nullRequest")); } >> >> return request.getServletContext(); } >> >> Negative example: >> >> @Override public AsyncContext startAsync() throws >> IllegalStateException { return request.startAsync(); } >> >> Should these be aligned? > > Probably. It will only change the exception from an NPE to ISE but > I guess we should be consistent here. > >> It seems to me that if recycleFacades="false" then there really >> isn't any reason to wrap the request (response, etc.) in a facade >> object at all, is there? > > It makes it harder for a malicious app to get at the internal > object. That's what I thought. So, if you trust the webapp and there are no held-reference bugs, then the facades are completely superfluous. Right now, the only option is either to re-use facades (which is potentially dangerous if the webapp has held-reference bugs) or recycle them (which is wasteful, GC-wise). There is no option to NOT use them. I'm just wondering if there is an opportunity for simpler execution in a "known trusted" configuration -- which is very common. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl3yXBAACgkQHPApP6U8 pFj9HhAAg3UuJ93OPeDggzdTXHj1uafJUVttma50XsQqHGw9IzXjKp0y68j1c/ro Ii2Rm+/HnGyQG4tMk0ILTkkI6b9235Y8ywk7tTCVeiZppIgcnGH29MkARKakjXyW Q95OAOKoUQ2Bo0z7Hl8jJCi/Ri+VAyV6O98q4nVKh2sx0a99wE+Q2GNBxqH2621r AAGg9Bm9/GOQYOx04Lr6nEwLyWQJy8MyD9rYX5lr0wmh16AFj4l4Tey8oEFEsNuW AUMflBgxuQV5BIICQPwSmHvZ4F0Poo4qxtSbO8N5vryecIxk2xxPvNMuK5GnQ87N PepT0i9Pi/UAqK1P7MH6djc9Kz2ps2KyGU9kbYri0EqhST0lefTiBBXPUwxyv9PM eDOvwAnk80Fp3Jt/KG9ygVuujmmm4qLWFk2CcauZhB08XQSUGxmIqNgTNLwFut0O Kj5JhzJ5Patr+0nohywwDLQ1Cr3DYqvbz0hCjmWIAM0OIVMbIX4aGyQpetyU/imL b5RNLcWeMqt5uM+gtQ7aQbBhwbuZpMVWXqPV4AREpPI0ek7HJlgNPZlTHVr6KrVo i9lAZfYvtbkLDNs2JJitYDhv4TqbvH3X3jh9lXmgzuUirrmq1R+9tP92N/MUepHE rlwyx4DESz5CiutWZksjzJHRK4aqLmUnFB0vZ8pMfyeLXXzUcfc= =DZCT -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org