I have more comments on this: Another quirk of windows may be DOS filenames. If you have directory or file name longer than 8 characters, it will be accesible...
Jan Hlavaty
egroups@...
Dec 1, 2000 11:05 am
967
... OUCH!!!!! At least WEB-INF should be safe from that. ... I guess that is what running from a packed WAR file is??? ... Well jetty only requires that...
Greg Wilkins
gregw@...
Dec 1, 2000 11:28 am
968
Apologies if this has been discussed already but I can't seem to find a reference to this issue. Why does addWebApplication() takes an url mapping as...
Ben Marchal (Mailing ...
bulk@...
Dec 1, 2000 11:39 am
969
... The webapplication url mapping is the context mapping. The mappings within web.xml are only within the context. So if you install a web app at /context/* ...
Greg Wilkins
gregw@...
Dec 1, 2000 11:47 am
970
Does not the following address this issue for Tomcat 3.2 ? (from $TOMCAT_HOME/doc/readme) 6.7 URL's are now case sensitive on all operating systems As of...
Petr Jiricka
petr.jiricka@...
Dec 1, 2000 1:04 pm
971
It helps, but does not solve the problem completely. Firstly user servlets that use getResource or getRealPath calls will not use the tomcat URL mechanism....
Greg Wilkins
gregw@...
Dec 1, 2000 1:25 pm
972
... You can get around most (all?) of these issues by: 1. Configuring Jetty to use case-insensitive filename comparisons (and I have no idea if this is easy)....
Preston L. Bannister
preston@...
Dec 1, 2000 5:18 pm
973
... Tomcat 3.2 and 4.0 both have special logic to protect against the "/WeB-iNf" type attacks. They will not serve up static resources under WEB-INF or...
Craig R. McClanahan
Craig.McClanahan@...
Dec 1, 2000 6:40 pm
974
... Interrupting a thread seems to be a "weak spot" for Java in general. See the discussion on these pages: ...
Robert Munyer
munyer@...
Dec 1, 2000 7:21 pm
975
... This is a very clever and appealing solution. Unfortunately, like all the other solutions, it doesn't quite work. ... The guys in the anti-double-check...
Robert Munyer
munyer@...
Dec 1, 2000 8:34 pm
976
Robert Munyer wrote: Robert, thanks for taking the time to explain this - you probably have had to do it many many times. The nasty thing about you...
Greg Wilkins
gregw@...
Dec 1, 2000 10:32 pm
977
... Yes, that's the problem. If a thread keeps running without synchronizing, its memory can get hopelessly out of date versus the other threads' memory. ... ...
Robert Munyer
munyer@...
Dec 2, 2000 12:36 am
978
... Isn't volatile supposed to cure that? Did you see my proposal about solving this problem? It consistend in making a primitive value (a boolean) the subject...
Juancarlo Anez
juancarlo@...
Dec 2, 2000 1:24 am
979
... So there are really two classes of problem that have to be addressed: out of order writes on a system with a coherent cache and stale data on a system with...
Greg Wilkins
gregw@...
Dec 2, 2000 10:21 am
980
... B.c __objectConstructed is not in the cache, so it goes and fetches an up to date version - which is true. So it does not synchronize and uses the...
Greg Wilkins
gregw@...
Dec 2, 2000 10:26 am
981
About case-sensitivity of URLs/filenames and Windows 8.3 filename mapping: Web servers already give "Bad request" responses for URLs with problematic elements...
Cris Perdue
cris@...
Dec 2, 2000 10:09 pm
982
... But people may wish to use the convention of a /~username URL or even a /context/~username. ... But the problem is not only on Windows. I have tested this...
Greg Wilkins
gregw@...
Dec 2, 2000 10:20 pm
983
Hi All, Greg Wilkins wrote, ... SPARC has special instructions (MEMBAR and the older STBAR) to explicitly force degrees of coherency between multiple...
Cris Perdue
cris@...
Dec 2, 2000 10:50 pm
984
... This is getting a little off topic, but I think it is important to know why our double null check works and why it might not work on some machines. My...
Greg Wilkins
gregw@...
Dec 2, 2000 11:57 pm
985
Jetty release 3.0.0_RC7 is now available via http://jetty.mortbay.com This release contains several important security fixes for Windows platforms or any...
Greg Wilkins
gregw@...
Dec 3, 2000 11:44 am
986
Is it my imagination or have the Jasper error messages got nastier in the RC7 release ? On the one hand I now see the Jasper error in the browser which is...
Shimon Crown
shimon.crown@...
Dec 3, 2000 1:42 pm
987
Ah, that would be the new default logging mode that puts a log on one line by replacing CR with ¬ and LF with |. So you are probably seeing some ¬|...
Greg Wilkins
gregw@...
Dec 3, 2000 3:43 pm
988
Hi, ... The quote is right, but memory models and the MEMBAR instruction are about different processors having different views of memory. Section 8.4 says,...
Cris Perdue
cris@...
Dec 4, 2000 1:15 am
989
... Chris, I'm not disputing the needs for MEMBARs to protect against the double null check problem. But I don't think MEMBAR is the end of the story as there...
Greg Wilkins
gregw@...
Dec 4, 2000 8:50 am
990
... I agree here, but there is still more spec clarifications required before you can specify portable security in a web application: 0) As methods such as...
Greg Wilkins
gregw@...
Dec 4, 2000 11:54 am
991
.... there appear to be some unused local variables here... Index: Page.java =================================================================== RCS file:...
Tom Copeland
tom@...
Dec 4, 2000 4:20 pm
992
... Note: any suggestions for spec clarifications should be sent to the email address on the front of the spec (servletapi-feedback@...) to ensure...
Craig R. McClanahan
Craig.McClanahan@...
Dec 4, 2000 7:27 pm
993
OK - I'm getting a bit of a "don't worry about it" vibe in these responses. I'm happy that Jetty is secure, I wanted it to be standard and secure, but if the...
Greg Wilkins
gregw@...
Dec 4, 2000 7:32 pm
994
... There's no old copy of __lazyObject until __objectConstructed has been seen as true, and that can only happen after cache synchronization. Now, if the CPU...
Juancarlo Anez
juancarlo@...
Dec 4, 2000 8:44 pm
995
... I don't intend to give that impression - as a container developer you should be seeking to talk to other container developers about how things should work...
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
