• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
BZ1548975: Port Tomcat patch for CVE-2018-1304.
BZ1520539: Log all multi value headers. Submitted by Petr Jurak.
BZ1460573: Handle error processing as a GET, fix for CVE-2017-5664.
BZ1419145: Hack to force restore of the content type header even when there's no body. Submitted by Aaron Ogburn.
    • -10
    • +11
    ./authenticator/FormAuthenticator.java
BZ1439225: set encoding for multipart/form-data. Submitted by Aaron Ogburn.
BZ1410869: Fix sync of AysncContext.complete, and change all syncs from the processor object to the request object (since it is available everywhere).
    • -12
    • +16
    ./connector/AsyncContextImpl.java
  1. … 10 more files in changeset.
BZ1410869: Make the async context a separate object from the request, so that it can be recycled to avoid bad side effects.
    • -0
    • +253
    ./connector/AsyncContextImpl.java
BZ1391834: Avoid logging NPE.
BZ1376379: Port Tomcat change that sets 500 status when an unexpected exception is caught as best effort to report an error.
BZ1302434: Remove code block that seems useless (query string parameters will be parsed again, and is not used with a request body).
    • -9
    • +0
    ./authenticator/FormAuthenticator.java
BZ1315982: Port fix for minor flaw in URL normalization.
BZ1315598: Add session id length configuration, submitted by Enrique Gonzalez Martinez.
BZ1302555: Make max active sessions fully accurate.
BZ1241032: Remove version numbers. Submitted by baranowb.
  1. … 1 more file in changeset.
BZ1221446: Filter out HEAD method. Submitted by Hisanobu Okuda.
    • -2
    • +5
    ./authenticator/FormAuthenticator.java
BZ1246939: Fix issue uploading multiple files (with identical names).
BZ1241216: prevent NPE in JBossWeb in RealmBase
BZ1196513: Add patch to allow overriding servlets. Submitted by James Livingston.
[JBWEB-312] Check if the output buffer can grow before flushing it when using a writer.
  1. … 1 more file in changeset.
[JBWEB-258] Ensure concurrent requests that require DIGEST auth receive unique nonces
    • -0
    • +15
    ./authenticator/DigestAuthenticator.java
BZ1173313: Add hack to filter out some events, submitted by Aaron Ogburn.
JBWEB-308: Add extra hooks.
BZ1168870: optimization submitted by John O'Hara.
BZ1163126 refix: The inner class used was not actually serializable (additional stuff).
    • -6
    • +8
    ./valves/CrawlerSessionManagerValve.java
BZ1163126 refix: The inner class used was not actually serializable.
    • -13
    • +24
    ./valves/CrawlerSessionManagerValve.java
Change websocket output to skip buffering and add some sync (input is synced upstream, but not output, which is weird).
  1. … 1 more file in changeset.
Same as r2381, avoid NPE after recycle.
- Harmonize read with write, it's simpler and passes all the tests.
  1. … 2 more files in changeset.
BZ1163126: Refactor using a serializable binding listener.
    • -14
    • +15
    ./valves/CrawlerSessionManagerValve.java
[JBWEB-305] Add file name information in detail error when compiling the java file
    • -0
    • +0
    ./authenticator/DigestAuthenticator.java
  1. … 3 more files in changeset.