JBossWeb SVN: r692 - trunk/webapps/docs.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2008-07-01 10:33:20 -0400 (Tue, 01 Jul 2008)
New Revision: 692
Modified:
trunk/webapps/docs/changelog.xml
Log:
- Update changelog.
Modified: trunk/webapps/docs/changelog.xml
===================================================================
--- trunk/webapps/docs/changelog.xml 2008-07-01 09:50:33 UTC (rev 691)
+++ trunk/webapps/docs/changelog.xml 2008-07-01 14:33:20 UTC (rev 692)
@@ -66,6 +66,35 @@
<fix>
Fix XSS in the host manager. (markt)
</fix>
+ <add>
+ Add discovery of httpd servers to ClusterListener. (remm)
+ </add>
+ <fix>
+ Possible NPE when logging on shutdown. (fhanik)
+ </fix>
+ <fix>
+ <bug>45195</bug>: NPE when calling getAttribute(null). (markt)
+ </fix>
+ <fix>
+ <bug>43683</bug>: There was a short period where the context didn't appear in the mapper
+ that resulted in some more 404s. (markt)
+ </fix>
+ <fix>
+ Allow to start several JBossWEB on one machine with multiple IP. (jfclere)
+ </fix>
+ <fix>
+ <jboss-jira>JBAS-5645</jboss-jira>: Fix FORM issues with body. (jfclere)
+ </fix>
+ <fix>
+ Better information if native library fails to load. (jfclere)
+ </fix>
+ <fix>
+ <jboss-jira>JBAS-5636</jboss-jira>: In DELAY_CONNECTOR_STARTUP mode, also let the embedding server
+ control stopping the connectors. (remm)
+ </fix>
+ <fix>
+ <jboss-jira>JBAS-5671</jboss-jira>: Check child the right child is passed when removing it. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
@@ -85,6 +114,10 @@
<fix>
<bug>42750</bug>: Make parsing of request line more tolerant of multiple SP and/or HT. (markt)
</fix>
+ <fix>
+ <bug>45272</bug>: IE is not fully compliant, and the redone cookies could cause issues with
+ quoted paths. (fhanik)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
@@ -96,6 +129,13 @@
Add an additional layer of protection in case app fails to protect against an XSS.
Copied filter code to jasper module so no new dependency is created. (markt)
</fix>
+ <fix>
+ <bug>43285</bug>: Make forced coercion of null and "" to zero optional. Patch by Nils Eckert. (markt)
+ </fix>
+ <fix>
+ <bug>45015</bug>: Raise an error if attributes are not correctly quoted, with an option
+ to disable. (markt)
+ </fix>
</changelog>
</subsection>
</section>
16 years, 5 months
- 1
- 0
JBossWeb SVN: r691 - trunk/webapps/docs.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2008-07-01 05:50:33 -0400 (Tue, 01 Jul 2008)
New Revision: 691
Modified:
trunk/webapps/docs/ssl-howto.xml
Log:
- Add some extra info on keystore type.
Modified: trunk/webapps/docs/ssl-howto.xml
===================================================================
--- trunk/webapps/docs/ssl-howto.xml 2008-07-01 09:50:05 UTC (rev 690)
+++ trunk/webapps/docs/ssl-howto.xml 2008-07-01 09:50:33 UTC (rev 691)
@@ -428,7 +428,9 @@
<attribute name="keystoreType" required="false">
<p>The type of keystore file to be used for the server certificate.
- If not specified, the default value is "<code>JKS</code>".</p>
+ If not specified, the default value is "<code>JKS</code>".
+ For example the *.p12 files from openssl can be used using
+ <code>PKCS12</code></td></p>
</attribute>
<attribute name="sslProtocol" required="false">
16 years, 5 months
- 1
- 0
JBossWeb SVN: r690 - trunk/java/org/apache/tomcat/util/http.
by jbossweb-commits@lists.jboss.org
Author: remy.maucherat(a)jboss.com
Date: 2008-07-01 05:50:05 -0400 (Tue, 01 Jul 2008)
New Revision: 690
Modified:
trunk/java/org/apache/tomcat/util/http/ServerCookie.java
Log:
- Add more code to avoid quoting paths.
Modified: trunk/java/org/apache/tomcat/util/http/ServerCookie.java
===================================================================
--- trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2008-06-30 17:38:13 UTC (rev 689)
+++ trunk/java/org/apache/tomcat/util/http/ServerCookie.java 2008-07-01 09:50:05 UTC (rev 690)
@@ -135,6 +135,7 @@
private static final String tspecials = ",; ";
private static final String tspecials2 = "()<>@,;:\\\"/[]?={} \t";
+ private static final String tspecials2NoSlash = "()<>@,;:\\\"[]?={} \t";
/*
* Tests a string and returns true if the string counts as a
@@ -146,6 +147,11 @@
* token; <code>false</code> if it is not
*/
public static boolean isToken(String value) {
+ return isToken(value,null);
+ }
+
+ public static boolean isToken(String value, String literals) {
+ String tspecials = (literals==null?ServerCookie.tspecials:literals);
if( value==null) return true;
int len = value.length();
@@ -172,8 +178,12 @@
return false;
}
+ public static boolean isToken2(String value) {
+ return isToken2(value,null);
+ }
- public static boolean isToken2(String value) {
+ public static boolean isToken2(String value, String literals) {
+ String tspecials2 = (literals==null?ServerCookie.tspecials2:literals);
if( value==null) return true;
int len = value.length();
@@ -299,7 +309,11 @@
// Path=path
if (path!=null) {
buf.append ("; Path=");
- maybeQuote2(version, buf, path);
+ if (version==0) {
+ maybeQuote2(version, buf, path);
+ } else {
+ maybeQuote2(version, buf, path, ServerCookie.tspecials2NoSlash, false);
+ }
}
// Secure
@@ -341,6 +355,10 @@
}
public static int maybeQuote2 (int version, StringBuffer buf, String value, boolean allowVersionSwitch) {
+ return maybeQuote2(version,buf,value,null,allowVersionSwitch);
+ }
+
+ public static int maybeQuote2 (int version, StringBuffer buf, String value, String literals, boolean allowVersionSwitch) {
if (value==null || value.length()==0) {
buf.append("\"\"");
}else if (containsCTL(value,version))
@@ -349,16 +367,16 @@
buf.append('"');
buf.append(escapeDoubleQuotes(value,1,value.length()-1));
buf.append('"');
- } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value)) {
+ } else if (allowVersionSwitch && (!STRICT_SERVLET_COMPLIANCE) && version==0 && !isToken2(value, literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
version = 1;
- } else if (version==0 && !isToken(value)) {
+ } else if (version==0 && !isToken(value,literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
- } else if (version==1 && !isToken2(value)) {
+ } else if (version==1 && !isToken2(value,literals)) {
buf.append('"');
buf.append(escapeDoubleQuotes(value,0,value.length()));
buf.append('"');
@@ -427,4 +445,3 @@
bc.setEnd(dest);
}
}
-
16 years, 5 months
- 1
- 0