Apache Tomcat 9.0.0.M4 发布

Apache Tomcat 9.0.0.M4 发布了。

改进记录：

•        Ensure that /WEB-INF/classes is never processed as a web        fragment. (markt)

•        Switch default connector when native is installed. Unless configured        otherwise, the NIO endpoint will be used by default. If SSL is        configured, OpenSSL will be used rather than JSSE. (remm)

•        Correct a regression in the fix for 58867. When configuring a        Context to use an external directory for the docBase, and        that directory happens to be located along side the original WAR, use        the directory as the docBase rather than expanding the        WAR into the appBase and using the newly created expanded        directory as the docBase. (markt)

•        58351: Make the server build date and server version number        accessible via JMX. Patch provided by  Huxing Zhang. (markt)

•        58988: Special characters in the substitutions for the RewriteValve        can now be quoted with a backslash. (fschumacher)

•        58999: Fix class and resource name filtering in WebappClassLoader.        It throws a StringIndexOutOfBoundsException if the name is exactly        "org" or "javax". (rjung)

•        Add JASPIC (JSR-196) support. (markt)

•        Make checking for var and map replacement in RewriteValve a bit stricter and        correct detection of colon in var replacement. (fschumacher)

•        Refactor the web application class loader to reduce the impact of JAR        scanning on the memory footprint of the web application. (markt)

•        Fix some resource leaks in the error handling for accessing files from        JARs and WARs. (markt)

•        Refactor the JAR and JAR-in-WAR resource handling to reduce the memory        footprint of the web application. (markt)

•        Refactor the web.xml parsing so a new parser is created every time the        web application starts rather than creating and caching the parser when        the Context is created. This enables the parser to take account of        modified Context configuration parameters and reduces (slightly) the        memory footprint of a running Tomcat instance. (markt)

•        Switch to the web application class loader to the        ParallelWebappClassLoader by default. (markt)

•        57809: Remove the custom context attribute that held the        effective web.xml. Components needing access to configuration        information may access it via the Servlet API. (markt)

•        Refactor JAR scanning to reduce memory footprint. (markt)

•        59001: Correctly handle the case when Tomcat is installed on        a path where one of the segments ends in an exclamation mark. (markt)

•        Expand the fix for 59001 to cover the special sequences used        in Tomcat's custom jar:war: URLs. (markt)

•        59043: Avoid warning while expiring sessions associated with        a single sign on if HttpServletRequest.logout() is used.        (markt)

•        59054: Ensure that using the        CrawlerSessionManagerValve in a distributed environment        does not trigger an error when the Valve registers itself in the        session. (markt)

•        Add socket properties support to storeconfig. (remm)

•        Fix incorrect parsing of the NE and NC flags in rewrite rules. (remm)

•        59065: Correct the timing of the check for colons in paths        on non-Windows systems implemented in catalina.sh so it        works correctly with Cygwin. Patch provided by Ed Randall. (markt)

•        When a Host is configured with an appBase that does not exist, create        the appBase before trying to expand an external WAR file into it.        (markt)

•       59115: When using the Servlet 3.0 file upload, the submitted       file name may be provided as a token or a quoted-string. If a       quoted-string, unquote the string before returning it to the user.       (markt)

•        59123: Close NamingEnumeration objects used by        the JNDIRealm once they are no longer required.        (fschumacher/markt)

•        Implement the proposed Servlet 4.0 API to provide mapping type        information for the current request. (markt)

•        59138: Correct a false positive warning for ThreadLocal        related memory leaks when the key class but not the value class has been        loaded by the web application class loader. (markt)

•        59017: Make the pre-compressed file support in the Default        Servlet generic so any compression may be used rather than just gzip.        Patch provided by Mikko Tiihonen. (markt)

•        59145: Don't log an invalid warning when a user logs out of        a session associated with SSO. (markt)

•        59150: Add an additional flag on APR listener to allow        disabling automatic use of OpenSSL. (remm)

•        59151: Fix a regression in the fix for 56917 that        added additional (and arguably unnecessary) validation to the provided        redirect location. (markt)

•        59154: Fix a NullPointerException in the        JASSMemoryLoginModue resulting from the introduction of the        CredentialHandler to Realms. (schultz/markt)

更多请看：http://tomcat.apache.org/tomcat-9.0-doc/changelog.html

下载地址：http://tomcat.apache.org/download-90.cgi