What's new in Jetty 9.4.51
Apr 6, 2023
- 9059 IteratingCallback not serializing close() and failed()
- 9181 Jetty 9 java.lang.NullPointerException
- SessionHandler.checkRequestedSessionId(SessionHandler.java:1733)
New in Jetty 9.4.35 (Nov 23, 2020)
- 4711 Reset trailers on recycled response
- 5486 PropertyFileLoginModule retains PropertyUserStores
- 5539 StatisticsServlet output is not valid
- 5562 ArrayTernaryTrie consumes too much memory
- 5575 Add SEARCH as a known HttpMethod
- 5605 java.io.IOException: unconsumed input during http request parsing
- 5633 Allow to configure HttpClient request authority
New in Jetty 9.4.34 (Nov 4, 2020)
- 5320 Using WebSocketClient with jetty-websocket-httpclient.xml in a Jetty
- web application causes ClassCastException
- 5488 jetty-dir.css not found when using JPMS
- 5498 ServletHolder lifecycle correctness
- 5521 ResourceCollection NPE in list()
- 5535 Support regex in SslContextFactory include/exclude of protocols
- 5555 NPE for servlet with no mapping
New in Jetty 9.4.33 (Oct 23, 2020)
- 5022 Cleanup ServletHandler, specifically with respect to making filter
- chains more extensible
- 5368 WebSocket text event execute in same thread as running binary event and
- destroy Threadlocal
- 5378 Filter/Servlet/Listener Holders are not started if added during
- STARTING state.
- 5409 HttpClient fails intermittently with "Invalid response state TRANSIENT"
- 5417 Badly configured HttpConfiguration.securePort can lead to wrong port
- produced by ForwardedHeader
- 5443 Request without Host header fails with NullPointerException in
- ForwardedRequestCustomizer
- 5451 Improve Working Directory creation
- 5454 Request error context is not reset
- 5475 Update to spifly 1.3.2 and asm 9
- 5480 NPE from WebInfConfiguration.deconfigure during WebAppContext shutdown
New in Jetty 9.4.32 (Oct 2, 2020)
- 2796 HTTP/2 max local stream count exceeded when request fails
- 3766 Introduce HTTP/2 API to batch frames
- 3916 multipart/byterange output is invalid to RFC7233
- 4809 Set a max number of requests per connection
- 4824 WebSocket server outgoing message queue memory growth
- 4888 Request getSession() method throws IllegalStateException when Session
- exists
- 4954 Simplify ability to get Byte Counts about requests
- 5032 Introduce Listeners to aid in tracking timings within ServletContext
- and WebApp
- 5079 :authority header for IPv6 address not having square brackets
- 5103 Proxy sets protocol version to 2.0 instead of 1.1 when accessed from H2
- client
- 5104 AbstractProxyServlet include incorrect protocol version in Via header
- when accessed over H2
- 5105 Graceful shutdown does not wait for resumed requests
- 5108 Improve SessionTracker scalability
- 5121 Add if (LOG.isDebugEnabled()) in CompressExtension.decompress
- 5122 Retrieving websocket connections via jmx
- 5129 No jars added when using a folder in extraClasspath of the webapp
- context xml file
- 5147 Set MaxUsageCount with existing connection pool changing the behavior
- 5150 Zero connection timeout is not supported in HTTP client with
- non-blocking connect
- 5152 HttpClient should handle unsolicited responses
- 5162 DecoratingListener raises a NullPointerException
- 5165 Wrong messagesIn count for HttpClient
- 5170 NullPointerException in HttpReceiverOverHTTP during WebSocket client
- Upgrade
- 5185 Introduce DoSFilter Listener for Alert messages
- 5193 WebSocket unimplemented BINARY message handling can result in TEXT
- message delivery to fail
- 5201 QueuedThreadPool setDetailedDump gives less detail
- 5204 SNI does not work with PKIX
- 5214 Servlet HEAD doesn't support content-length over Integer.MAX_VALUE
- 5217 Review RoundRobinConnectionPool
- 5224 HttpServletRequest.getServerName can include port when using
- ForwardedRequestCustomizer
- 5233 Bad/Unsupported HTTP version should return 505 not 400
- 5246 GzipHandler's DeflaterPool should be dumpable
- 5247 Improve ForwardRequestCustomizer authority priority
- 5268 WARN Ignoring eviction setting: 0
- 5285 Per RFC7694, if a Content-Encoding isn't recognized, reject with 415
- Unsupported Media Type
- 5362 Default ProxyServlet cannot proxy to https urls
- 5365 org.eclipse.jetty.server.Request throws NullPointerException if
- SessionHandler newHttpSession returns null
New in Jetty 9.4.31 (Jul 30, 2020)
- 1100 JSR356 Encoder#init is not called when created on demand
- Update Import-Package version start ranges
- JettyClient behavior when SETTINGS_HEADER_TABLE_SIZE is set to 0 in SETTINGS Frame.
- WebsocketClient creates more connections than needed
- WINDOW_UPDATE for locally failed stream should not close the HTTP/2 session
- Possible buffer corruption in HTTP/2 session failures
- Simplify Connection.upgradeFrom()/upgradeTo()
- HttpClient async content throws NPE in DEBUG log
- Incorrect example for TryFilesFilter API docs
- Fix NPE related to use of Attributes.Wrapper getAttributeNameSet()
- Prevent parsing of module-info.class in OSGi bundles
- NPE from Server.dump of FilterMapping
- Bundle-ClassPath and lib place on WEB-INF/lib make classpath duplicate
- WebSocketClient connect / upgrade timeout not configurable
- Automatically hot-reload SSL certificates if keystore file changed
- LifeCycle.Listener not called for Filter/Servlet/Listener lifecycle events
- dispatcher.include() with welcome files lead to stack overflow error CWE-331 in DigestAuthentication class `javax.servlet.include.context_path` attribute on root context. should be empty string, but is `"/"`
- NotSerializableException for OpenIdConfiguration
- HttpClientTimeoutTests can occasionally fail due to unreachable network
New in Jetty 9.4.30 (Jun 12, 2020)
- Incorrect path matching for WebSocket using PathMappings
- Upgrade to Apache Jasper 8.5.54
- occasional h2spec failures on jenkins
- Server.join not working when used with ExecutorThreadPool
- setCookie() must not change the headers in a response during an include
- JettyClient behavior when SETTINGS_HEADER_TABLE_SIZE is set to 0 in ETTINGS Frame.
- JDBCSessionDataStore fails to create multiple JettySessions for server with multiple databases
- Give better errors for non public Websocket Endpoints
- WebsocketClient creates more connections than needed
- DirectoryNotEmptyException when using mvn jetty:run-distro
- Restore ability to delete sessions on stop
- Quickstart run improperly runs dynamically added context initializers
- SecureRequestCustomizer.SslAttributes does not cache cert chain like before
- HttpClient: HttpCookieStore.Empty prevents sending cookies
- Response header overflow leads to buffer corruptions
New in Jetty 9.4.29 (May 23, 2020)
- Lock contention creating HTTP/2 streams
- communicate the reason of failure to the OpenID error page
- HttpChannel recycling in h2
- HTTP2 Jetty Server does not send back content-length
- Enforcing SNI when there are only non-wildcards certificates
- Make org.eclipse.jetty.client.HttpRequest's host name writable
- org.eclipse.jetty.util.thread.ShutdownThread should use an appropriate name to identify itself in Thread dump
- Better handling of fatal Selector failures
- Allow a ConnectionFactory (eg SslConnectionFactory) to automatically add a Customizer
- Jetty OSGi DefaultJettyAtJettyHomeHelper refers to non-existent config file
- WebSocket server outgoing message queue memory growth
- NIO ByteBuffer corruption in embedded Jetty server
- GzipHandler and GzipHttpOutputInterceptor do not flush response when body is empty
- org.eclipse.jetty.server.HttpChannel busyloop on HttpFields NullPointerException
- Combine `AttributesMap` and `Attributes.Wrapper`
- Update to asm 7.3.1
- Non-blocking JSON parser
- AbstractSessionCache.setFlushOnResponseCommit(true) can write an invalid session to the backing store
New in Jetty 9.4.28 (Apr 11, 2020)
- Setting async timeout on WebSocketClient does not seem to timeout writes
- Wrong Certificate Selected When Using Multiple Virtual Host Names in
- Track backport of ALPN APIs to Java 8
- ErrorHandler showing servlet info, can not be disabled unless overriding most of its functionality
- servlet context root mapping incorrect
- Inconsistent library versions notice.
- Using console-capture with StdErrLog results in empty logfile
- jetty-jaspi in jetty-all uber aggregate artifact requires javax.security.auth.message.AuthException which cannot be included
- Add support for conditional module dependencies in jetty-start
- Startup XmlConfiguration WARN on Arg threadpool
- maxFormContentSize fix in Issue #3856 broke JenkinsCI/Winstone
- no injection of env-entry if env-entry-value is whitespace only or missing
- Empty "X-Forwarded-Port" header results in NumberFormatException
- Hazelcast remote.xml configuration file do not configure hazelcast remote addresses
- Do not use ServiceLoader every time a WebSocketSession is created
- Hazelcast configurationLocation is not configurable via mod files
- Jetty 9.4.x calls ServletContextListener.contextDestroyed() too early
- CustomRequestLog throws NullPointerException when no request cookie is present
- Short reads break form-data multipart parsing
- ALPN support for Java 15
- "UnreadableSessionDataException Unreadable session ..." after upgrading to 9.4.27
- Version 9.4.25 breaks binary compatibility by renaming Response.closeOutput()
- ServletContainerInitializer.onStartUp is not called with maven jar packaging using Jetty Maven Plugin
- Reset trailers on recycled response
- Low setMaxConcurrentStreams causes "1/unexpected_data_frame" errors
- Get env variables in PHP scripts served through FastCGIProxyServlet
- PreDestroy not called for non-async and run-as servlets
- @RunAs not honoured on servlets
- Refresh NetworkTraffic* classes
New in Jetty 9.4.27 (Feb 28, 2020)
- 3247 Generate jetty-maven-plugin website
- 4247 Cookie security attributes are going to mandated by Google Chrome
- 4360 Upgrade to Apache Jasper 8.5.49
- 4475 WebSocket JSR356 implementation not honoring javadoc of MessageHandler
- on Whole<Reader>
- 4495 Review ReservedThreadExecutor's concurrency model
- 4504 X-Forwarded-Server header overwrites X-Forwarded-Host
- 4520 Jetty jdbc session manager causing exceptions for violating primary key
- in inserting session in the table
- 4529 ErrorHandler showing servlet info, can not be disabled unless
- overriding most of its functionality
- 4533 Reinstate hard close in dispatcher
- 4537 High CPU on Jetty Websocket thread
- 4541 Jetty server always allocates maximum response header size
- 4550 XmlConfiguration constructor selection based on number of arguments
- 4567 Jetty logging supporting Throwable as last argument
- 4573 Order dependency of X-Forwarded-Host and X-Forwarded-Port
- 4575 Stopping ReservedThreadExecutor may hang
- 4577 request getPathInfo returns null
- 4594 ServletContextListeners added to destroyServletContextListeners in
- ContextHandler::startContext() are not removed by
- ContextHandler::removeEventListener()
- 4606 DateCache.formatNow(long now) does not honor the passed in long
- 4612 ReservedThreadExecutor hangs when the last reserved thread idles out
New in Jetty 9.4.26 (Jan 17, 2020)
- 2620 Exception from user endpoint onClose results in unclosed WebSocketSession
- 4383 Errors deleting multipart tmp files java.lang.NullPointerException under heavy load
- 4444 TLS Connection Timeout Intermittently
- 4461 IllegalStateException in HttpOutput with Jersey
New in Jetty 9.4.21 (Oct 2, 2019)
- 97 Permanent UnavailableException thrown during servlet request handling should cause servlet destroy
- 137 Support OAuth
- 155 No way to set keystore for JSR 356 websocket clients, needed for SSL client authentication
- 1036 Allow easy configuration of Scheduler-Threads and name them more
- Appropriate
- 2815 HPack fields are opaque octets
- 3040 Allow RFC6265 Cookies to include optional SameSite attribute.
- 3106 WebSocket connection stats and request stats
- 3734 WebSocket suspend when input closed
- 3747 Make Jetty Demo work with JPMS
- 3806 Error Page handling Async race with ProxyServlet
- 3913 Clustered HttpSession IllegalStateException: Invalid for read
- 3936 Race condition when modifying session + sendRedirect()
- 3956 Remove and warn on use of illegal HTTP/2 response headers
- 3964 Improve efficiency of listeners
- 3968 WebSocket sporadic ReadPendingException using suspend/resume
- 3978 HTTP/2 fixes for robustly handling abnormal traffic and resource
- Exhaustion
- 3983 JarFileResource incorrectly lists the contents of directories with
- Spaces
- 3985 Improve lenient Cookie parsing
- 3989 Inform custom ManagedSelector of dead selector via optional
- OnFailedSelect()
- 4000 Add SameFileAliasChecker to help with FileSystem static file access
- Normalization on Mac and Windows
- 4007 NullPointerException while trying to run jetty start.run on Windows
- 4009 ServletContextHandler setSecurityHandler broke handler chain
- 4020 Revert WebSocket ExtensionFactory change to interface
- 4022 Servlet which is added by ServletRegistration can't be started
- 4025 Provide more write-through behaviours for DefaultSessionCache
- 4027 Ensure AbstractSessionDataStore cannot be used unless it is started
- 4033 Ignore bad percent encodings in paths during
- URIUtil.equalsIgnoreEncodings()
- 4047 Gracefully stopped Jetty not flushing all response data
- 4048 Multiple values in X-Forwarded-Port throw NumberFormatException
- 4057 NullPointerException in o.e.j.h.HttpFields
- 4064 NullPointerException initializing embedded servlet
- 4075 Do not fail on servlet-mapping with url-pattern /On*
- 4082 NullPointerExceptoin while Debug logging in client
- 4084 Use of HttpConfiguration.setBlockingTimeout(long) in jetty.xml produces
- Warning on jetty-home startup
- 4105 Cleanup of Idle thread count in QueuedThreadPool
- 4113 HttpClient fails with JDK 13 and TLS 1.3
New in Jetty 9.4.20 (Aug 14, 2019)
- 300 Implement Deflater / Inflater Object Pool
- 2061 WebSocket hangs in blockingWrite
- 3601 HTTP2 stall on reset streams
- 3648 javax.websocket client container incorrectly creates Server SslContextFactory
- 3698 Missing WebSocket ServerContainer after server restart
- 3700 stackoverflow in WebAppClassLoaderUrlStreamTest
- 3708 Swap various java.lang.String replace() methods for better performance ones
- 3731 Add testing of CDI behaviors
- 3736 NPE from WebAppClassLoader during CDI
- 3746 ClassCastException in WriteFlusher.java - IdleState cannot be cast to FailedState
- 3749 Memory leak while processing AsyncListener annotations
- 3755 ServerWithAnnotations doesn't do anything
- 3758 Avoid sending empty trailer frames for http/2 requests
- 3782 X-Forwarded-Port overrides X-Forwarded-For
- 3786 ALPN support for Java 14
- 3798 ClasspathPattern match method throws NPE. URI can be null
- 3799 Programmatically added listeners from ServletContextListener.contextInitialzed() are not called
- 3804 Weld/CDI XML backwards compat
- 3805 XmlConfiguration odd behavior for numbers
- 3806 The error page handler didn't process correctly in proxy
- 3815 PropertyFileLoginModule adds user principle as a role
- 3822 trustAll will not work on some servers
- 3829 Avoid sending empty trailer frames for http/2 responses
- 3835 WebSocketSession are not being stopped properly
- 3840 Byte-range request performance problems with large files
- 3856 Different behaviour with maxFormContentSize=0 if Content-Length header is present/missing
- 3876 WebSocketPartialListener is only called for initial frames, not for continuation frames
- 3884 @WebSocket without @OnWebSocketMessage handler fails when receiving a
- continuation frame
- 3888 BufferUtil.toBuffer(Resource resource,boolean direct) does not like large (4G+) Resources
- 3906 Fix for #3840 breaks Path encapsulation in PathResource
- 3929 Deadlock between new HTTP2Connection() and Server.stop()
- 3940 Double initialization of Log
- 3957 CustomRequestLog bad usage of MethodHandles.lookup()
- 3960 Fix HttpConfiguration copy constructor
- 3969 X-Forwarded-Port header customization isn't possible
New in Jetty 9.4.19 (Jun 13, 2019)
- 2909 Remove B64Code
- 3332 jetty-maven-plugin - transitive dependencies not loaded from
- "target/classes"
- 3498 WebSocket Session.suspend() now suspends incoming frames instead
- of reads
- 3534 Use System nanoTime, not currentTimeMillis for IdleTimeout
- 3550 Server becomes unresponsive after sitting idle from a load spike
- 3562 InetAccessHandler should be able to apply to a certain port or
- connector
- 3568 Make UserStore able to be started/stopped with its LoginService
- 3583 jetty-maven plugin in multi-module-project does not use files from
- /target/test-classes folder of dependent projects
- 3605 IdleTimeout with Jetty HTTP/2 and InputStreamResponseListener
- 3608 Reply with 400 Bad request to malformed WebSocket handshake
- 3616 Backport WebSocket SessionTracker from Jetty 10
- 3620 Use of `throwUnavailableOnStartupException=true` does not stop Server
- in jetty-home
- 3627 Only renew session id when spnego authentication is fully complete
- 3628 NPE in QueuedThreadPool.getReservedThreads()
- 3630 X-Forwarded-For missing last hextet for ipv6
- 3633 endpointIdentificationAlgorithm enabled by default
- jetty-ssl-context.xml
- 3653 access control exception if programmatic security manager is used
- 3655 Spaces missing on Cookies generated via RFC6265
- 3663 Remove deprecation of HttpClient replacement methods in WebSocketClient
- 3680 Bom manages non-existent infinispan-remote and infinispan-embedded
- dependencies due to config classifier
- 3683 Multipart file not deleted when client aborts upload
- 3690 Upgrade to asm 7.1
- 3713 Emit warning when invoking deprecated method in Jetty XML
- 3715 Improve Log.condensePackage performance
- 3722 HttpSessionListener.sessionDestroyed should be able to access webapp
- classes
- 3726 Remove OSGi export uses of servlet-api from jetty-util
- 3729 Make creation of java:comp/env threadsafe
- 3743 Update XmlConfiguration usage in Jetty to always use Constructors that
- provide Location information
- 3748 @Resource field not injected in Jetty Demo
- 3750 NPE in WebSocketClient.toString()
- 3751 Modern Configure DTD / FPI is used inconsistently
New in Jetty 9.4.18 (Apr 30, 2019)
- IllegalStateException in WebSocket ConnectionState
- Server becomes unresponsive after sitting idle from a load spike
- Update to apache jasper 8.5.40
- Update jetty-bom for new infinispan artifacts.
- HeapByteBuffer cleared unexpected
- Session persistence broken from 9.4.13+
- Fix infinispan start module dependencies
New in Jetty 9.4.17 (Apr 23, 2019)
- Split SslContextFactory into Client and Server
- Directory Listing on Windows reveals Resource Base path
- DefaultHandler Reveals Base Resource Path of each Context
New in Jetty 9.4.16 (Apr 12, 2019)
- Limit total bytes pooled by ByteBufferPools
- Logging of `key.readyOps()` can throw unchecked `CancelledKeyException`
- WebSocket permessage-deflate RSV1 validity check
- OSGi versions of java.base classes in
- org.apache.felix:org.osgi.foundation:jar conflicts with new rules on Java 9+
- Modernize Directory Listing: HTML5 and Sorting
- HandlerCollection.addHandler is lacking synchronization
- OutOfMemoryError: Java heap space in GZIPContentDecoder
- Websockets jsr356 willDecode not invoked during decoding
- java.security.acl.Group is deprecated and marked for removal
- Cleanup QuotedQualityCSV internal use of Double
- HttpClient does not timeout during multiple redirection
- Duplicate JSESSIONID sent when invalidating new session
- CLOSE_WAIT socket status forever after terminating websocket client
- side
- Upgrade conscrypt version to 2.0.0 and remove usage of reflection
- JMX Operation to trigger manual deployment scan in WebAppProvider
- Stop server if Unavailable thrown
- org.eclipse.jetty.http.Http1FieldPreEncoder generates an invalid header
- byte-array if header is null
- Allow multiple programmatic login/logout in same request
- Split SslContextFactory into Client and Server
- TLS close_notify() is not guaranteed
- Using setExtraClasspath("lib/extra/*") does not work on Microsoft
- Windows
- + 3526 HTTP Request Locale not retained in WebsocketUpgrade Request
- + 3540 Use configured Provider in SslContextFactory consistently
- + 3545 NullPointerException on ServletOutputStream.print("");
New in Jetty 9.4.15 (Feb 19, 2019)
- Add support for NCSA Extended Log File Format
- ExtraClasspath() method on WebAppContext dont support dir path
- Better handle concurrent calls to change session id and invalidate
- Within a context
- NPE using more than one Endpoint.publish
- Change HttpClient and WebSocketClient default to always have SSL
- Support enabled
- Enforce Content-Encoding check only on parameter extraction
- SSL Connection Leak
- Warn on common SslContextFactory problematic configurations
- Logging of `key.readyOps()` can throw unchecked `CancelledKeyException`
- NPE on
- WebSocketServerContainerInitializer.configureContext(ServletContextHandler)
- ServletContainerInitializer from war WEB-INF/classes not executing
- Add support for javax.net.ssl.HostnameVerifier to HttpClient
- Update to Apache JSP 8.5.35
- BufferingResponseListener does not clear buffer in onHeaders
- Etty maven plugin - javax.annotation.jar picked up from jetty plugin
- Rather than from applications classpath
- Jetty-maven plugin in multi-module project not using files from /target
- Folders of sister projects
- Async ServletOutputStream print methods
- Threadpool module creates unmanged threadpool
- Client and server need to to treat an incoming HTTP/2 RST_STREAM frame
- Differently
- AuthenticationProtocolHandler should not cache the failed results
- ALPN support for Java 13
- Missing main manifest attribute in jetty-runner.jar
- Fix WebSocket components dump()
- NullPointerException if base resource is an empty ResourceCollection
- WebSocket write may hang forever
- Support host:port in X-Forwarded-For header in
- ForwardedRequestCustomizer
- Avoid additional selectNow() on non-Windows runtimes
- 3307 WebAppClassLoader loadClass can throw NullPointerException for missing
- Class
- Ability to serve HTTP and HTTPS from the same port
- Improve uncaught exception handler double logging
- Hazelcast delete expired session fails in deserialize
- Do not expect to be able to connect to https URLs with the HttpClient
- Created from a parameterless constructor
New in Jetty 9.4.14 (Nov 16, 2018)
- 3097 Duplicated programmatic Servlet Listeners causing duplicate calls
- 3103 HttpClientLoadTest reports a leak in byte buffer
- 3104 Align jetty-schemas version within apache-jsp module as well
New in Jetty 9.4.13 (Nov 13, 2018)
- 2191 JPMS Support
- 2431 Upgrade to Junit 5
- 2691 LdapLoginModule does not find accounts in subtrees
- 2702 ArithmeticException in Credentials.stringEquals and .byteEquals
- 2718 NPE using more than one Endpoint.publish
- 2727 Cleanup behavior of JMX MBean discovery
- 2740 Ensure OSGiWebappClassLoader uses bundleloader for all loadClass methods
- 2787 Use status code from nested BadMessageException wrapped in ServletException
- 2796 HTTP/2 max local stream count exceeded when request fails
- 2834 Support Java 11 bytecode during annotation scanning
- 2865 Update to apache jasper 8.5.33
- 2868 Adding SPNEGO authentication support for Jetty Client
- 2871 HTTP/2 Server reads -1 after client resets stream
- 2875 Fix WebSocketClient.connect() hang when attempting to connect at an invalid websocket endpoint
- 2886 SNI matching does not work in certain cases when there is only one CN certificate in the keystore
- 2901 Introduce HttpConnectionUpgrader as a conversation component in HttpClient
- 2903 Avoid Listener instantiation during QuickStart generation
- 2906 jetty-maven-plugin run goal adds output directory of reactor project dependencies to classpath without regard for scope
- 2912 Requests handled with GzipHandler should remove Content-Encoding and Content-Length headers
- 2913 Remove reliance on sun.reflect.Reflection to be compatible with Java 11
- 2936 Error during initial RequestDispatch with bad request query results in failure for ErrorHandler to process
- 2941 Upgrade to ASM 7 to support Java 11 bytecode
- 2954 Improve cause reporting for HttpClient failures
- 2970 Ensure HttpChannel.onComplete is always called
- 3018 Improve error handling and logging of min data rate violations
- 3023 Wrong non-redirect behaviour with "null" path info
- 3030 Enforce Content-Encoding check only on parameter extraction
- 3041 Cookies parsing in RFC2965 should allow deprecated comma separators
- 3049 Warn on common SslContextFactory problematic configurations
- 3054 Update OSGi to ASM 7
- 3090 MBeanContainer throws NPE for arrays
- 3092 Wrong classloader used to load *MBean classes
New in Jetty 9.4.12 (Sep 2, 2018)
- Jetty-9.4.12.v20180830 - 30 August 2018
- 300 Implement Deflater / Inflater Object Pool
- 307 Monitor contention in AbstractNCSARequestLog
- 321 Remove JaspiAuthenticatorFactory.findServerName(Server, Subject)
- 901 Overriding SSL context KeyStoreType requires explicit override of TrustStoreType
- 1688 Request with `Content-Encoding: gzip` should not perform parameter
- extraction
- 1905 Deprecate jetty-runner now, present warnings when using it on Java 9
- Runtimes
- 2075 Deprecating MultiException
- 2135 Android 8.1 needs direct buffers for SSL/TLS to work
- 2233 JDK9 Test failure:
- org.eclipse.jetty.server.ThreadStarvationTest.testWriteStarvation[https/ssl/tls]
- 2342 File Descriptor Leak: Conscrypt: "Too many open files"
- 2349 HTTP/2 max streams enforcement
- 2398 MultiPartFormInputStream parsing should default to UTF-8, but allowed
- to be overridden by Request.setCharacterEncoding()
- 2468 EWYK concurrent produce can fail SSL connections
- 2501 Include accepting connections in connection limit.
- 2530 Client waits forever for cancelled large uploads
- 2560 Review PathResource exception handling
- 2565 HashLoginService silently ignores file:/ config paths from 9.3.x
- 2592 Failing test on Windows:
- ServerTimeoutsTest.testAsyncWriteIdleTimeoutFires[transport: HTTP]
- 2597 Failing tests on windows UnixSocketTest
- 2631 IllegalArgumentException: Buffering capacity exceeded, from HttpClient
- HEAD Requests to resources referencing large body contents
- 2648 LdapLoginModule fails with forceBinding=true under Java 9
- 2655 WebSocketClient not removing closed WebSocket Session's from managed
- beans
- 2662 Remove unnecessary boxing conversions
- 2663 Guard Throwable.addSuppressed() calls
- 2672 Max local stream count exceeded for HttpClient with HTTP/2 transport
- 2675 Demo rewrite rules prevent URL Session tracking
- 2677 Decode URI before matching against "/favicon.ico"
- 2679 HTTP/2 Spec Compliance
- 2681 Jetty Hot Deployment Module does not stop exploded webapps after
- removal from webapps directory
- 2683 NPE in FrameFlusher toString()
- 2684 MimeTypes.getAssumedEncodings() does not work
- 2694 Bad DynamicImport-Package in Websocket Servlet
- 2696 GcloudDataStore dependency generation broken
- 2706 ResourceService may return 404 for unchanged content
- 2711 TLS 1.3 compliance
- 2717 Async requests are not considered when shutting down gracefully
- 2718 NPE using more than one Endpoint.publish
- 2719 property file passed to start.jar is not read
- 2720 <property> config tag can't access property values in WebAppContext
- 2722 Improve configurability for SETTINGS frames
- 2730 Limit concurrent HTTP/2 pushed resources
- 2737 HTTP Authentication parameters containing =
- 2739 AuthenticationProtocolHandler Multiple Challenge Pattern
- 2745 JDBCSessionDataStore schema potential performance issue
- 2746 Move jmh classes to a dedicated module and run those daily or weekly
- 2749 Graceful shutdown causes repeated 503s on keep-alive connections
- 2754 Don't eagerly instantiate @WebListener during annotation scan if it is
- explicitly referenced in the webapp descriptor as well
- 2755 Repeatedly stopping/starting an active HttpClient can result in a stuck
- ManagedSelector
- 2757 Possible double release of HTTP/2 ByteBuffers
- 2762 Fix typo in jetty.sh
- 2767 WebSocket Policy on JSR356 ClientContainer not represented correctly
- 2775 Make LowResourceMonitor extendable
- 2777 Workaround for Conscrypt's ssl == null
- 2778 Upgrade h2spec-maven-plugin 0.4
- 2787 BadMessageException wrapped as ServletException not handled
- 2794 Generate p2 repos for Jetty 9.3.24.v20180605 and Jetty 9.2.25.v20180606
- 2796 Max local stream count exceeded when request fails
- 2798 ThreadPoolBudget logs WARN when minThreads == maxThreads (was:
- Reasoning behind ThreadPoolBudget warning logic change on 3/5/18)
- 2807 Exclude TLS_RSA_* ciphers by default
- 2811 SslContextFactory.dump incorrectly uses default enabled for determining
- "jre:disabled" flag
- 2817 Change HttpClient and WebSocketClient default to always have SSL
- support enabled
- 2821 AuthenticationProtocolHandler should not always cache
- Authentication.Result
- 2824 Every call to HttpServletRequest.getParameter*() methods results in a
- newly created Map object if both query and body content exist
- 2828 connectionListener of AbstractHTTP2ServerConnectionFactory cause the
- low performance of concurrent connect of http2
- 2832 Wrong initialization of HTTP/2 UnknownBodyParser
- 2835 JarFileResource#lastModified() side effect is URL caching preventing
- hot redeploy on Windows
- 2836 Sequential HTTPS requests may not reuse the same connection
- 2844 Clean up webdefault.xml and DefaultServlet doc
- 2846 add unit test for ldap module
- 2847 Wrap Connection.Listener invocations in try/catch
- 2860 Leakage of HttpDestinations in HttpClient
- 2871 Server reads -1 after client resets HTTP/2 stream
New in Jetty 9.4.11 (Jun 8, 2018)
- 1785 Support for vhost@connectorname syntax of virtual hosts
- 2346 Revert stack trace logging for HTTPChannel.onException
- 2439 Remove HTTP/2 data copy
- 2472 central.maven.org doesn't work with https
- 2484 Repeated null check in MimeTypes.getDefaultMimeByExtension
- 2496 Jetty Maven Plugin should skip execution on projects it cannot support
- 2516 NPE at SslClientConnectionFactory.newConnection()
- 2518 HttpClient cannot handle bad servers that report multiple 100-continue responses in the same conversation
- 2525 Deprecate BlockingTimeout mechanism for removal in future release
- 2529 HttpParser cleanup
- 2532 Improve parser handing of tokens
- 2545 Slow HTTP2 per-stream download performance
- 2546 Incorrect parsing of PROXY protocol v2
- 2548 Possible deadlock failing HTTP/2 stream creation
- 2549 ConsumeAll and requestRecycle
- 2550 Coalesce overlapping HTTP requested byte ranges
- 2556 "file:" prefix in jetty.base variable
- 2559 Use Configurator declared in ServerEndpointConfig over one declared in the @ServerEndpoint annotation
- 2560 PathResource exception handling
- 2568 QueuedThreadPool.getBusyThreads() should take into account ReservedThreadExecutor.getAvailable()
- 2571 Jetty Client 9.4.x incorrectly handles too large fields from nginx 1.14 server
- 2574 Clarify max request queued exception message
- 2575 Work around broken OSGi implementations Bundle.getEntry() behavior returning with unescaped URLs
- 2580 Stop creating unnecessary exceptions with MultiException
- 2586 Update to asm 6.2
- 2603 WebSocket ByteAccumulator initialized with wrong maximum
- 2604 WebSocket ByteAccumulator should report sizes in MessageTooLargeException
- 2616 Trailers preventing client from processing all the data
- 2619 QueuedThreadPool race can shrink newly created idle threads before use
New in Jetty 9.4.10 (May 8, 2018)
- + 110 Jetty JAASLoginService should not use getContextClassLoader to load role
- class name under OSGi
- + 1027 MultiPartInputStreamParser is slow for largish files
- + 1555 AuthenticationProtocolHandler unable to parse Digest WWW Header
- + 2018 No HttpClient API for receiving Server Sent Events
- + 2145 Enabled h2, http/1.1 + https failed with invalid preface
- + 2152 Produce jetty-home-source artifacts for Eclipse Jetty source jars
- + 2164 Ensure all jetty modules that use ServiceLoader have correct OSGi
- manifest headers
- + 2205 100% CPU usage in Selector using Jetty on Windows
- + 2311 TimeoutException when server sends unexpected content
- + 2337 ServletUpgradeRequest getSubProtocols() creates an ArrayList even if
- sub protocols is absent in WebSocket Upgrade Request.
- + 2349 Review HTTP/2 max streams enforcement
- + 2350 Support multiplexing in RoundRobinConnectionPool
- + 2361 CachingWebAppClassLoader is not using cache properly
- + 2366 Review HTTP/2 interleaving
- + 2376 Relax ContextHandler and ServletContextHandler requirements in
- WebSocket to allow SpringBoot's MockMVC to function
- + 2387 NPE in URIUtil.equalsIgnoreEncodings when working with jar:file:// URIs
- + 2388 AtomicBiInteger.compareAndSet(long,int,int) not using encoded parameter
- + 2391 Allow for optional "u####" escaping in
- org.eclipse.jetty.util.ajax.JSON.toString()
- + 2398 MultiPartFormInputStream parsing should default to UTF-8, but allowed
- to be overridden by Request.setCharacterEncoding()
- + 2403 allow --add-to-start to specify maven repository location
- + 2409 Ensure no duplicate config classes are assigned to WebApps in OSGi
- environments
- + 2413 Server log timestamp is inconsistent
- + 2420 Simplify HttpTransportOverHTTP2
- + 2425 Review BufferUtil.isMappedBuffer()
- + 2427 SessionInactivityTimeout does not stop upon expiration
- + 2430 CDI version mismatch with jetty-maven-plugin:run-forked and Weld
- + 2435 Class.newInstance() is deprecated in Java 9+
- + 2445 Add HttpServletRequest support to DefaultCallbackHandler
- + 2446 AttributeNormalizer does not support "user.home" to be "/"
- + 2451 ReservedThreadExecutor.getAvailable() is not atomic and can return
- incorrect value
- + 2454 Avoid sending empty DATA frame in case of HTTP/2 trailers
- + 2464 NPE when constructing subclasses of ExecutorThreadPool
- + 2468 EWYK concurrent produce can fail SSL connections
- + 2472 Default Maven Central Repository URL used to download artifacts in
- start.jar should use https
- + 2474 HTTP/2 client not handling invalid servers correctly
- + 2478 ThreadPoolExecutor does nto reap Idle threads
- + 2482 Possible NPE in MemcachedSessionDataMapFactory
- + 2491 WebSocket FragmentExtension can produce an invalid stream of frames
- + 2495 FileSessionDataStore: private save method
- + 2496 Jetty Maven Plugin should skip execution on projects it cannot support
- + 2498 Add QueuedThreadPool.removeThread(Thread) for extendability reasons
New in Jetty 9.4.9 (Mar 21, 2018)
- Jetty-9.4.9.v20180320 - 20 March 2018
- 347 Avoid sending request using a connection that is idle timing out
- 1416 GzipHandler generated ETag suffix has problems with If-Match header
- logic
- 1602 WebAppContext is started twice, once by deployer, again by lifecycle
- 1614 AbstractNCSARequestLog does not extract the user from the http header
- when it has not been authenticated
- 1770 SniX509ExtendedKeyManager.chooseServerAlias() throws
- NullPointerException when socket is null
- 1797 JEP 238 - Multi-Release JAR files break bytecode scanning
- 1832 Bad HTTP Close prevents proper TCP close
- 1918 Scalable scheduler implementation
- 1933 Use CLASSPATH for scanning java9 system classes
- 1940 Embedded CDI: SessionScoped gives a NPE
- 1949 Client-side problems with digest authentication
- 1956 Store and report build information of Jetty
- 1966 HttpMethod case sensitive
- 1970 ManagedSelector can lose selector thread under high concurrent load
- 1973 Implement minimum response data rate
- 1983 Improve warning for incompatible ALPN processor
- 1986 ServletContextHandler.Context addListener() methods support
- session listeners
- 2003 Do not submit blocking tasks as managed selector actions
- 2006 ServletInputStream.isReady not registering interest when it should
- 2010 SniX509ExtendedKeyManager causes exception: "FIPS mode: only SunJSSE
- KeyManagers may be used"
- 2014 Support unix domain sockets in HttpClient
- 2015 jetty-alpn-conscrypt-server needs appropriate osgi headers in manifest
- 2016 jetty-alpn-openjdk8-server needs correct osgi headers in manifest
- 2019 Expose HttpClientTransport in JMX
- 2020 Introduce a name for `HttpClient` instances
- 2022 Fine grained RFC HTTP Compliance modes: including OWS prior to field
- colon
- 2028 Add osgi headers for alpn-java client and server
- 2030 NPE in AnnotationConfiguration with DEBUG enabled
- 2033 Improve HTTP/2 session and stream stall times report
- 2034 Improve HTTP2Session dump
- 2035 FlowControlStrategy keeps around reset streams
- 2037 HTTP/2 stream reset leaves stream frames in the flusher
- 2038 FileSessionDataStore.deleteAllFiles(File, String) can become slow
- 2043 ConcurrentModificationException during annotation parsing
- 2046 Server.stop not closing connections
- 2050 Clarify ObjectMBean getObject[Name|Context]Basis() methods
- 2079 Upgrade to apache jasper 8.5.24
- 2080 Exclude more maven machinery dependencies from the jetty-maven-plugin
- server path
- 2081 No idle timeout exception when dispatch is delayed
- 2088 Recycle HTTP/2 channels on the client
- 2090 Jetty fails to start on OpenJDK 9: "Invalid Java version 9.0.1.3"
- 2093 Correcting Bom managed dependencies that do not exist
- 2114 Fix NPE in JettyHttpServerProvider
- 2117 Allow to configure HttpClient default request Content-Type
- 2130 Introduce thread pool module for simpler configuration of thread pool
- in standalone
- 2131 Introduce a monitored thread pool
- 2136 maven & jetty-maven-plugin & offline
- error:java.net.UnknownHostException: www.eclipse.org
- 2148 Limit BufferUtil.toDetailString() raw character display to USASCII
- 7-bit printable characters
- 2152 Produce jetty-home-source artifacts for Eclipse Jetty source jars
- 2160 Digest authentication should use absolute path
- 2164 Ensure all jetty modules that use ServiceLoader have correct OSGi
- manifest headers
- 2190 HTTP/2 close and GOAWAY behavior
- 2203 Use GlobalWebAppConfigBinding rather than special methods on
- DeploymentManager/WebAppProvider
- 2209 jetty-maven-plugin deploy-war silently fails (unless the pom has war
- packaging)
- 2210 NPE at org.eclipse.jetty.client.HttpDestination.newExchangeQueue
- 2218 Adding workaround for Windows NIO Selector Bug
- 2232 Dependency Conflict: Conflicting JARs org.apache.maven:maven-project
- 2255 Notify SSL handshake failures on write failures
- 2275 jetty.server.ResourceService.doGet()
- RequestDispatcher INCLUDE
- 2278 Could not find artifact
- org.eclipse.jetty.tests:test-webapps-parent:pom:9.4.8.v20171121
- 2279 Jetty 9.4.x start.jar: "?=" in [ini] defeats Issue #1139 functionality
- 2280 Default application/json to utf-8 encoding in encoding.properties
- 2284 NPE from start.jar during JVM version parsing
- 2288 Cleanup the statistics classes
- 2291 Expose HTTP/2 close reason in dumps
- 2293 HTTP/2 client multiplexed connection pool creates too many connections
- 2297 HTTP/2 client transport should honor HttpClient.connectBlocking
- 2298 Override the processor number with an environment variable
- 2307 Error page can have null charset in content type
- 2308 Type change in MonitorTask - int cannot be converted to
- ThreadPoolExecutor
- 2312 HTTP/2 Connection.Listener notified after first request
- 2313 Dump HTTP/2 channel state
- 2318 HttpParser.Listener.onBadMessage() should take BadMessageException
- 2346 Missing stack traces in HTTPChannel.onException
- 2358 Add ALPN module file for JDK 10
New in Jetty 9.4.8 (Nov 30, 2017)
- 212 HttpClient should support pluggable AuthenticationStore
- 215 Add Conscrypt for native ALPN/TLS/SSL
- 272 WebSocket hangs in blockingWrite
- 487 JDK 9 build compatibility
- 901 Overriding SSL context KeyStoreType requires explicit override of TrustStoreType
- 922 Implements methods Connection.getBytes[In|Out]()
- 1209 IllegalStateException when HTTP/2 push is disabled
- 1213 Upgrade to ASM Version 6.0 for JDK9
- 1509 Improve GZIPContentDecoder buffer pooling sizing
- 1550 Resolve inconsistent Shutdown configuration with Jetty Runner
- 1640 Introduce :run-distro goal for local jetty distribution deployment
- 1692 Annotation scanning should ignore `module-info.class` files
- 1696 Missing stacktraces on debug of WriteFlusher onFail
- 1705 Rejected executions in QueuedThreadPool can lead to memory leaks
- 1760 Update to apache jasper 8.5.20
- 1768 Allow jetty properties to be set for the jetty:run-forked goal
- 1782 Using assembly.tarLongFileMode=posix for jetty-home and jetty-distribution assembly
- 1797 JEP 238 - Multi-Release JAR files break bytecode scanning
- 1806 Improved ReservedThreads idle timeout
- 1807 Add new HttpChannel listener and events for metrics libraries
- 1814 Move JavaVersion to jetty-util for future Java 9 support requirements
- 1818 Improve Infinispan support on JDK 9
- 1819 Race condition during annotation parsing
- 1823 ResourceHandler with ranged requests does not return Content-Type response header
- 1829 OSGi webbundle classes scanned twice
- 1833 Request.startAsync requires context path
- 1835 Locker is not reentrant on ServerConnector#setConnectionFactories
- 1836 Migrate Locker implementation to JVM ReentrantLock implementation
- 1841 Reduce contention on ServletHolder
- 1845 Allow null User-Agent in HttpClient
- 1849 Refactoring of SelectorManager.defaultSchedulers()
- 1851 Improve insufficient thread warnings/errors
- 1854 Consistent IOException and timeout handling when extracting form parameters
- 1856 ResourceHandler without ServletContext throws NPE for welcome files if used directly
- 1857 GZIPContentTransformer fails to send entire message if used with BufferedContentTransformer
- 1865 Improve Exception on invalid redirect usage
- 1867 Improve Exception thrown during Expect 100 Continue
- 1868 Need a way to randomly select ports for tests
- 1871 JMXify SslContextFactory
- 1878 Handle 100 Continue response without Expect header
- 1879 'Bad tld url' seen during :jetty-run when running integration tests
- 1881 Improve support of WebSocket over Unix Domain Socket
- 1885 SessionHandler get/set maxInactiveInterval is not symmetric with negative values
- 1888 Implement cookie matching on Path attribute per RFC 6265
- 1891 Make HTTP/2 async error notifications configurable
- 1892 NPE resulting from bad JEP 238 MultiReleaseJarFile structure
- 1893 Add ability to set HttpClient Connection TTL
- 1897 Introduce a round-robin connection pool for HttpClient
- 1900 Update to CDI 2.0 for cdi module
- 1901 Reimplement PathWatcher as scanner
- 1909 Update to Apache Jasper 8.5.23
- 1910 Remove unused jetty-jsp module
- 1912 AbstractConnector EndPoint leak for failed SSL connections
- 1914 HttpClient fails to parse Content-Type response header with RFC 2045 charset="utf-8" syntax
- 1919 Review LowResourceMonitor
- 1920 Connect Timeouts with NonBlocking CreateEndPoint
- 1924 ManagedSelector can livelock under high load
- 1931 Expose RolloverOutputStream for pluggable behaviour
- 1933 Use CLASSPATH for scanning java9 system classes
- 1956 Store and report build information of Jetty
- 1958 Blocking Timeout has different behavior in HttpInput vs HttpOutput
- 1970 ManagedSelector can lose selector thread under high concurrent load
- 1980 PushCacheFilter does not push TLS offloaded HTTP/2 requests
- 1981 Loading resource content failed
- 1984 Remove jetty-client dependency in jetty-rewrite
New in Jetty 9.4.7 (Nov 1, 2017)
- 215 Consider native ALPN/SSL provider
- 487 JDK 9 build compatibility
- 1116 Support empty HTTP header values
- 1200 Use PathWatcher in DeploymentManager
- 1357 RolloverFileOutputStream: No rollout performed at midnight
- 1416 GzipHandler generated ETag suffix has problems with If-Match header logic
- 1468 Configure PKIX Revocation Checker for SslContextFactory
- 1469 RolloverFileOutputStream: IllegalStateException Task already scheduled
- 1498 Add JRTResource to support future Java 9 classloader behaviors
- 1499 ClasspathPattern needs MODULE ruleset to support future Java 9 classloader behaviors
- 1503 IPv6 address needs normalization (without brackets) in ForwardedRequestCustomizer
- 1507 RolloverFileOutputStream: Negative delay Timer.schedule exception
- 1513 RolloverFileOutputStream: can't handle multiple instances
- 1515 Improved RollOverFileOutputStream removeOldFiles() behavior
- 1520 PropertyUserStore should extract packed config file
- 1556 Remove a timing channel in Password matching
- 1571 Support Hazelcast session management in 9.4
- 1590 Improve RolloverFileOutputStream functionality with multiple TimeZones
- 1591 JDBCSessionDataStore doesn't work with root context on Oracle DB
- 1592 CompressedContentFormat.tagEquals() - incorrect comparison of entity tag hashes
- 1595 HTTP/2: Avoid sending unnecessary stream WINDOW_UPDATE frames
- 1600 Update jndi.mod and plus.mod
- 1603 WebSocketServerFactory NPE in toString()
- 1604 WebSocketContainer stop needs improvement
- 1605 ContainerProvider.getWebSocketContainer() behavior is not to spec
- 1618 AsyncContext.dispatch() does not use raw/encoded URI
- 1622 HeaderFilter doesn't work if the response has been committed
- 1623 JettyRunMojo use dependencies from reactor (outputdirectory)
- 1625 Support new IANA declared Websocket Close Status Codes
- 1637 Thread per connection retained in HTTP/2
- 1638 Add it test for Maven Plugin
- 1642 Using RewriteHandler with AsyncContext.dispatch() and HttpServletRequestWrapper not possible
- 1643 ProxyServlet always uses default number of selector threads - constructor should allow to overwrite the default.
- 1645 NotSerializableException: DoSFilter when using Non-Clustered Session Management: File System
- 1655 Improve extensibility of ServerConnector
- 1656 Improve configurability of ConnectionPools
- 1661 AbstractProxyServlet onProxyResponseFailure Error
- 1662 NPE with WebSocket Compress Extensions
- 1664 IPAccessHandler CIDR IP range check is incorrect
- 1671 Asymmetric usage of trailers in MetaData.Request
- 1675 Session id should not be logged with INFO level in AbstractSessionCache
- 1679 DeploymentManagerMBean not usable through JMX
- 1682 Jetty-WarFragmentFolderPath directive has no effect in eclipse runtime mode except for the first launch
- 1685 Update ALPN support for Java 8u141
- 1687 HTTP2: Correcting missing callback notification when channel not found
- 1692 Annotation scanning should ignore `module-info.class` files
- 1698 Missing WWW-Authenticate from SpnegoAuthenticator when other Authorization header provided
- 1702 Update ALPN support for Java 8u144
- 1703 Improve HttpInput failure logging
- 1706 Log Implementation ignored when executing under OSGi
- 1709 SpnegoAuthenticator improperly handling case-insensitive Negotiate header
- 1713 Do not over allocate selectors for small thread pools
- 1715 Standardise properties and ids in jetty XML files
- 1717 DoSFilter getRateTracker IP/Port loadId minor improvement
- 1718 QueuedThreadPool not exposed on JMX
- 1719 HTTP/2: Improve handling of queued requests
- 1721 Async I/O POST fails with big files
- 1724 Add dependency on jetty-annotations for apache-jsp
- 1732 Allow pause accepting new connections during high load
- 1737 DefaultServlet wrong welcome dispatcher using non-root URL path
- 1738 jetty-bom fails oss.sonatype.org validation
- 1741 Java 9 javadoc failure in build
- 1749 Dump HttpDestination exchange queue
- 1750 PoolingHttpDestination creates ConnectionPool twice
- 1759 HTTP/2: producer can block in onReset
- 1766 JettyClientContainerProvider does not actually use common objects correctly
- 1789 PropertyUserStoreTest failures in Windows
- 1790 HTTP/2: 100% CPU usage seen during close/shutdown of endpoint
- 1792 Accept ISO-8859-1 characters in response reason
- 1794 Config properties typos in session-store-cache.mod
- 1795 Fix session id manager workerName
- 1796 ReservedThreadExecutor defaulting to capacity=1 only
- 1797 JEP 238 - Multi-Release JAR files break bytecode scanning
- 1798 JMXify EatWhatYouKill
- 1804 Make EndPoint creation and destroy a non-blocking task
- 1805 ReservedThreadExecutor should start ReservedThreads lazily
- 1809 NPE: StandardDescriptorProcessor.visitSecurityConstraint() with null/no security manager
- 1814 Move JavaVersion to jetty-util for future Java 9 support requirements
- 1816 HttpClientTest.testClientCannotValidateServerCertificate() hangs with JDK 9
- 475546 ClosedChannelException when connection to HTTPS over HTTP proxy with CONNECT
New in Jetty 9.4.1 (Feb 23, 2017)
- jetty-9.4.1.v20170120 - 20 January 2017
- JDK 9 ALPN implementation
- Support no-value Host header in HttpParser
- Support HTTP Trailer
- Unix socket connector blocks for 30 seconds on stopping the server
- JDK9 support in Jetty 9.3.x
- Add testcase for WSUF for stop/start of the Server
- Ensure xml validation works on web descriptors
- Support configuration of properties during --add-to-start jetty.server.HttpInput deadlock
- HttpClient and WebSocketClient should not remove all cookies on stop
- Make request.changeSessionId() work with NullSessionCache
- Start error results in NPE
- NPE while completing a reset HTTP/2 stream
- HTTP/2 reset on a stalled write does not unblock writer thread jetty-client throws NPE for request to IDN hosts only when `HttpClient#send(...)` is called
- Reading HttpServletRequest InputStream from a Filter then accessing getParameterNames() results in java.io.IOException: Missing content for multipart request
- Review buffer underflow cases in SslConnection
- IllegalStateException for HEAD requests responded with 404
- Connection abruptly closed for HEAD requests
- Where can i find SocketConnector .java and
- BlockingChannelConnector.java etc?
- Cannot --add-to-start=logback-access due to logback-core dependancy
- Problem using STOP.PORT and STOP.KEY with --exec
- WebSocketClient not sending `Authorization` request header
- Context path not set for symlink from root
- X-Forwarded-For incorrectly set in jetty-http-forwarded.xml
- NPE in JsrSession when dealing with a response missing the `Sec-WebSocket-Extensions` header
- HttpSessionBindingListener#valueUnbound not called consistently in
- WebSocketPolicy configuration inconsistent when using JSR
- IllegalStateException when HTTP/2 push is disabled
- Accepted subprotocol is not provided when @OnWebSocketConnect method is invoked
- Can't stop/start a WebAppContext with websocket
- ReadPendingException is thrown when using o.e.j.websocket.api.Session.suspend
- PushCacheFilter does not add the context path to pushed resources
- Session AbstractCreateAndInvalidateTest needs synchronization
- Authenticated sessions throw exception on invalidate
- Allow session workername to be null
- HttpSessionListener.sessionDestroyed can no longer access session
- Undefined JETTY_LOGS breaks jetty.sh
- Internal error during SSL handshake
- ClassLoader constraint issue when using NativeWebSocketConfiguration with WEB-INF/lib/jetty-http.jar present
- onBadMessage called from with handled message
- Charset=unknown produces Exception during testing
- org.eclipse.jetty.client.HttpRequestAbortTest.testAbortOnCommitWithContent[1]()
- results in EofException
- org.eclipse.jetty.proxy.ProxyServletFailureTest.testServerException[0]()
- results in ServletException
- ProxyServletFailureTest.testProxyRequestStallsContentServerIdlesTimeout()
- has TimeoutException visible
- org.eclipse.jetty.http2.client.StreamResetTest.testServerExceptionConsumesQueuedData results in visible Stacktrace
- HttpClientStreamTest.testInputStreamContentProviderThrowingWhileReading[transport:
- HTTPS]() results in Early EOF
New in Jetty 9.3.9 (May 20, 2016)
- ResourceHandler range support testcase
- Don't produce text/html if the request doesn't accept it
- Empty Realm for BasicAuthentication
- Add message to idle TimeoutException
- Expose HTTP/2 LastStream error improving invalid buffer manipulation exception messages
- Consider removing SSLEngine.beginHandshake() calls
- Http request to origin server over https proxy contains absolute URL
- jetty-alpn-server Import-Package manifest header should specify version of org.eclipse.jetty.alpn.api jetty-client redirection process is aborted if redirect response have corrupt body
- PathContentProvider - Use of Direct buffers without pooling
- qtp threads spin-locked in MBeanContainer.beanAdded
- NPE when notifying the session listener if the channel is closed before a session has been opened
- REQUEST_URI should retain original query string in case of rewrites
- Reintroducing Request to logExtended ensure release deployment of test-jetty-webapp:war and test-proxy-webapp:war init script does not properly display status of a non running service
- HttpParser RFC2616 Compliance mode
- Avoid sending request using a connection that is idle timing out
- Integrate session idling for MongoSessionManager
- Jetty Client doesn't forward authentication headers with redirects when using proxy
- Spin loop in case of exception thrown during accept()
- Improve close behaviour
- Element error-page/location must start with a '/'
- Very slow page load and missing resources when using HTTP/2 with Jetty
New in Jetty 9.3.8 (Mar 17, 2016)
- 107 ResourceHandler range support testcase
- 124 Don't produce text/html if the request doesn't accept it
- 247 improving invalid buffer manipulation exception messages
- 258 Http request to origin server over https proxy contains absolute URL
- 266 jetty-client redirection process is aborted if redirect response have
- corrupt body
- 305 NPE when notifying the session listener if the channel is closed before
- a session has been opened
- 316 Add *.chm mimetype mapping
- 343 ensure release deployment of test-jetty-webapp:war and
- test-proxy-webapp:war
- 346 HttpParser RFC2616 Compliance mode
- 353 Jetty Client doesn't forward authentication headers with redirects when
- using proxy
- 356 Element error-page/location must start with a '/'
- 362 Very slow page load and missing resources when using HTTP/2 with Jetty
- 9.3.7
- 365 Potential connection leakage in case of aborted request
- 366 Avoid HTTP2Flusher reentrancy
- 367 Resolve remaining git.eclipse.org build references
- 372 Data race in HttpReceiverOverHTTP2
- 377 HttpClient - No supported cipher suites leads to stuck requests
- 378 Can't configure per nodes settings in start.ini
- 379 Insufficient information on asyncNotSupported
- 381 HttpClient does not send the Authorization header with authenticating
- proxy
- 386 Explicit Authorization header is dropped when handling 407s
- 397 Multipart EOF handling
- 402 Don't use Thread.isAlive() in ShutdownMonitor
- 405 adding testcase for problematic HttpURI parsing of path params
- 406 GzipHandler: allow to override the Vary response header
- 407 JSR356 Server WebSocket Sessions no longer being tracked
- 408 Http client does not work on https with proxy
- 411 Add more debug log for mongosessionmanager and remove debug printlns
- 413 HotSwapHandler null handlers
- 416 Support HTTPS forward proxies
- 417 HttpClient: review support for OPTIONS *
- 423 Duplicate Content-Length header not handled correctly
New in Jetty 9.3.7 (Feb 4, 2016)
- Support SYNC_FLUSH in GzipHandler
- permessage-deflate extension causes protocol error in Firefox/Chrome
- Update SSL configuration to mitigate SLOTH vulnerability
- WebAppContext defaults should be same for xml or war deployment
- WebSocket upgrade response should honor HttpConfiguration server version settings
New in Jetty 9.3.6 (Nov 14, 2015)
- 419966 Add ContentProvider that submits multipart/form-data.
- 472675 No main manifest attribute, in jetty-runner regression
- 476641 Proxy rewriteTarget() null return does not call error handler.
- 478757 DebugHandler thread name is mangled
- 479179 Fixed NPE from debug
- 479378 Incorrect REQUEST_URI.
- 479712 Documented --approve-all-licenses
- 479832 Use system properties for gcloud config for GCloudDatastore session
- manager
- 479839 Regression when starting application with excessive scan times
- 479865 IllegalStateException: Multiple servlets map to path: *.jsp: jsp,jsp
- 480061 HTTP/2 server doesn't send GOAWAY frame when shutting down.
- 480162 Continuations behavior differences due to HttpURI behavior
- 480260 HPack decode error for buffers with offset.
- 480272 Update to newer jdt ecj version
- 480452 Large downloads via FastCGI proxy keep HttpClient connections active.
- 480764 Error parsing empty multipart.
- 481006 SSL requests intermittently fail with EOFException when SSL
- renegotiation is disallowed.
- 481203 Add ability to set configurations to apply to WebAppContext for
- jetty-maven-plugin
- 481225 Secondary resources with query parameters are not properly pushed.
- 481236 Make ShutdownMonitor java security manager friendly
- 481355 Nested Symlinks
- 481373 Corner cases where session may remain in JDBCSessionManager memory
- 481385 Incorrect parsing of END_REQUEST frames.
- 481418 ResourceHandler sets last modified
- 481437 Port ConnectHandler connect and context functionality from Jetty 8.
- 481554 DispatcherType reset race
New in Jetty 9.3.5 (Oct 19, 2015)
- calls to MetaData#orderFragments() with relative ordering adds duplicate jars
- Server preface sent after client preface reply.
- WS Session does not contain UpgradeRequest information in WebSocketAdapter.onWebSocketConnect callback
New in Jetty 9.3.4 (Oct 19, 2015)
- Expose batch mode in the Jetty WebSocket API
- isOpen returns true on CLOSING Connection
- WebSocketSessions are not always cleaned out from openSessions
- WebSocketServerFactory should not hand null object to DecoratedObjectFactory
- Incorrect trimming of WebSocket close reason
- When using WebSocket Session.close() there should be no status code or reason sent
- Support servers that close connections without sending Connection: close header.
- getTrustStoreResource fixed
- Enforce that the preface contains a SETTINGS frame.
- AsyncListener callbacks need context scope
- Add ability to send a single PRIORITY frame.
- Refactored DefaultServlet for cached Gzip & Etags
- Make jetty osgi manifests only resolve jetty packages against a
- single distro version
- ALPN classes exposed to webapps - fixed typo
- Encode merged query parameters
- Improve handling of etags with dynamic and static gzip
- Null args in TypeUtil .call & .construct result in confusing exceptions
- Fixed memory leak in QueuedThreadPool
- HttpClient over HTTP/2 doesn't close upload stream.
- Jetty HTTP2 client fails to connect with Netty server - HTTP2 client preface missing or corrupt.
- Overwhelmed HTTP/2 server discards data.
- Prevent leak of handles to deleted files after redeploy
- Increase client authentication default max content size
- Do not reset current value of CounterStatistics
- Client sending Connection: close does not shutdown output.
- prependFilterMapping check for null FilterHolder
- Remove pointless synchronize in infinispan scavenging
- WebappClassLoader pinned after redeploy
- Priority information in HEADERS frame is not sent.
- property file in temp directory
- JavaUtilLog setSourceClass and setSourceMethod
- Priority weights should be between 1 and 256 inclusive.
- Clarify support for HttpServletRequest.upgrade()
- DebugHandler thread name is mangled
- WebsocketSession not cleaned up / memory leak
- Update to jstl 1.2.5
- threads stuck at SharedBlockingCallback$Blocker.block
- Wrong CONNECT request idle timeout.
- HttpClient with HTTP/2 transport does not work for "https" URLs.
New in Jetty 9.3.3 (Sep 12, 2015)
- Introduce a proxy-protocol module.
- Restore legacy/experimental WebSocket extensions (deflate-frame)
- PathResource.checkAliasPath() typo
- Overriding SSL context KeyStoreType requires explicit override of
- TrustStoreType
- SslContextFactory does not work with JCEKS Keystore
- Update WebSocket Extension for permessage-deflate draft-22
- Reintroduce blocking connect().
- Allow synchronous address resolution.
- apache-jstl includes test dependencies
- DefaultServlet bad Content-Type on compressed content
- Handle JVM version extensions like -internal
- Tiny buffers (under 7 bytes) fail to compress in permessage-deflate
- Backport permessage-deflate from Jetty 9.3.x to 9.2.x
- Enable permessage-deflate WebSocket extension
- Debug log ServletContainerInitializer @HandlesTypes contents
- AsyncListener.onError not called for errors
- AsyncListener.onComplete not called when error occurs
- AsyncListener.onError() handling.
- GzipHandler configuration supports csv paths and mimetypes.
- HttpClient JMX support.
- WebSocketSessions are not always cleaned out from openSessions
- Close input stream for classes in AnnotationParser after scanning
- SNI matching fails when keystore does not contain wild certificates.
- Starting Jetty with [exec] should use properties file.
- ClosedChannelException when connecting to HTTPS over HTTP proxy with
- CONNECT.
- Add support for multi-homed destinations.
- SecureRequestCustomizer fails to match host.
New in Jetty 9.3.2 (Aug 5, 2015)
- Fixed SNI matching of wildcard certificates
- Thread Starvation of selector wakeups.
- fix typo
- Unjustified timeout when serving static content
- GzipHandler isMimeTypeGzipable() bad logic
- ConcatServlet may expose protected resources.
- HttpConfiguration copy constructor incomplete
- Improved StatisticsHandler 503 generation
- Encode addPath in URLResource
- HTTP/2 server does not retrieve Host header from client.
- Delay resource close for async default content
- Better handling of MultiException
- Fixed include cipher suites support for wildcards
- Add 301 Moved Permanently Rules to jetty-rewrite
- Add special (non-replacement) Terminating rules to jetty-rewrite
- Parameterize status code on Redirect Rules for alternate use
- Overriding SSL context KeyStoreType requires explicit override of
- TrustStoreType
- GatherWrite limit handling
- ProxyServlet.Transparent / TransparentDelegate add trailing slash
- before query when using prefix.
- SslConnection flips back buffers on handshake exception
- NPE in PushCacheFilter
New in Jetty 9.3.1 (Jul 17, 2015)
- Support HEADERS followed by CONTINUATION+.
- Rationalize property names (fix for jetty.sh) Change classesPattern to scanClassesPattern and testClassesPattern to scanTestClassesPattern to clarify purpose
- AsyncNCSARequestLog blocks JVM exit after failure
- HttpFields declares IllegalArgumentException as checked exception
- Remove @org.apache.xbean.XBean references
- Improved javadoc for ClasspathPattern
- Send the proxy-to-server request more lazily.
- Problem with scope provided dependencies with jspc plugin
- jetty-maven-plugin JettyWebAppContext#setQuickStartWebDescriptor should accept a Maven-friendly type
- Handle multiple RequestLogHandler in chain
- Thread Starvation of selector wakeups.
- If a webapp is not fully started do not fully stop it
- Only log warning for duplicate path mappings to same servlet in same descriptor
- Update jetty-maven-plugin mojo annotations for maven 3
- jetty-infinispan.xml incorrect syntax for remote named cache
- Apache jspc ignores empty list of files to precompile and scans anyway
- Improved debugging on async timeout
- ArrayIndexOutOfBoundsException in org.eclipse.jetty.quickstart.PreconfigureQuickStartWar
- StringIndexOutOfBoundsException when using with parameters
- Parsing issues with HttpURI
- Extend CrossOriginFilter to provide a Timing-Allow-Origin header
- Update to apache jsp 8.0.23 Use 8.0.23.M1 for jetty version of apache jsp 8.0.23
- NPE in HttpFields.putField
- Improved logging when no supported included ciphers
- PathResource.checkAliasPath typo
- Custom status codes result in a NumberFormatException while using http2.
New in Jetty 9.2.10 (Mar 14, 2015)
- Provide different error callbacks to ProxyServlet.
- ShutdownHandler should shut down more gracefully
- Added DispatcherType support to RewriteHandler
- ClientUpgradeRequest sends cookies in the wrong format
- Make sure TimeoutCompleteListener is cancelled if the request cannot be sent.
- Handle setReadListener on request with no content
- allow stop port to reuse address
- Double release of buffer by HttpReceiverOverHTTP
- ConnectionPool may leak connections.
- BufferUtil.writeTo does not update position consistently
- HttpContent.advance() race.
New in Jetty 9.2.9 (Feb 25, 2015)
- Redundant license notices
- When checking for precompiled jsp, ensure classname is present
- Jaas demo has wrong doco in html
- AsyncGzipFilter Mappings
- AsyncMiddleManServlet.GZipContentTransformer fails if last transform has no output
- if web.xml does not contain jspc maven plugin insertionMarker behavior is wrong
- Race condition releasing the response buffer.
- HttpParser error 400 can expose previous buffer contents in HTTP status reason message
New in Jetty 9.2.8 (Feb 20, 2015)
- Connector will fail if HeaderListener return false.
- ProxyServlet sends two User-Agent values.
- Close temp jar resource
- added test for maxFormContentSize
- Example Jar Server
- multipart annotation on lazily loaded servlet does not work
- Length check for HttpMethod MOVE lookahead
- ALPNServerConnection.select negotiation.
- CompletableCallback may not notify failures.
- Implement an async proxy servlet that can perform content transformations.
- JDBCLoginService javadoc incorrectly references HashLoginService
- org.eclipse.jetty.util.Uptime.DefaultImpl() not available on GAE
- master branch does not build on norwegian locale
- GzipHandler default mimeType behavior incorrect
- AsyncMiddleManServlet should set "Host:" header correctly in proxy to remote request headers.
- Defining a duplicate error page in webdefault.xml and web.xml results in an error
- AsyncMiddleManServlet race condition on first download content.
- jetty.sh handles start.d and no start.ini
- AsyncMiddleManServlet race condition on last download content.
- Support upgrade
- Failure writing content of a committed request leaks connections.
New in Jetty 9.2.7 (Jan 21, 2015)
- Hot Deployment of WAR when Context XML exists doesn't trigger redeploy
- Provide m2e lifecycle mapping metadata for jetty-jspc-maven-plugin
- Set the container classloader for osgi during webbundle undeploy
- Added busy threads JMX attribute to QueuedThreadPool
- SSLConnection use on Android client results in loop
- Jetty osgi should skip fragment and required bundles that are in the uninstalled state
- OSGi AnnotationParser should skip resources that are not in the classpath and close the class inputstream when done scanning it
- Source bundles should not be singleton
- Update JASPI
- jetty-plus JNDI tests should use unique JNDI paths
- Multiple Jetty-ContextFilePath entries separated by commas doesn't work
- Persist updated session expiry time for MongoSessionManager
- ensure multipart form-data parsing exception thrown to servlet
- Fixed jetty.sh handling of multiple JETTY_ARGS
- Exception on context undeploy from EnvConfiguration
- Jar containing ServiceContainerInitializer impl not found in TCCL in osgi
- Reduce ThreadLocal.remove() weak reference garbage
- Reflective call to websocket methods that fail have ambiguous exceptions
- Request sent from a failed CompleteListener due to connect timeout is failed immediately.
- HTTPS request with IP host and HTTP proxy throws IllegalArgumentException.
- JMX implementation should not be overridden by WebApp classes
New in Jetty 9.2.6 (Jan 21, 2015)
- Use BundleFileLocatorHelperFactory to obtain BundleFileLocatorHelper
- Remove dependency on java.lang.management classes
- Clear async context timeout on async static content
- Change sentinel class for finding jstl on classpath to org.apache.taglibs.standard.tag.rt.core.WhenTag
- DefaultServlet: useFileMappedBuffer javadoc is misleading
- Delay dispatch until content optimisation.
- EnvConfiguration.destroy() should set the classloader
- Fixed SSL hang on last chunk
- Multiple servlets map to path *.jsp when using jsp-property-group
- Do not add Date header if already set
- Make HttpOutput aggregation size configurable.
- Jetty not working when configuring QueuedThreadPool with
- minThreads=0.
- Fixed big write test
- _maxHeaderBytes>0 is not verified in parseNext() when in State.CLOSED.
- Jetty does not check for already registered services when bootstrapping
- HttpInput.consumeAll spins if input is in async mode.
New in Jetty 9.2.5 (Jan 21, 2015)
- org.eclipse.jetty.start.Main create classloader duplicate
- Handle ArrayTrie overflow with false return
- handle unquoted etags when gzipping
- Integer overflow in Session expiry calculation in MongoSessionManager
- Missing parameterization of etc/jetty-deploy.xml.
- Missing parameterization of etc/jetty-http[s].xml.
- GzipFilter MIGHT_COMPRESS exception
- Disable tests that downcaste wrapped GzipFilterResponses
- jetty.sh does not delete JETTY_STATE at start
New in Jetty 9.2.4 (Jan 21, 2015)
- "jetty.sh start" returns 0 on failure
- 'bin/jetty.sh stop' reports 'OK' even when jetty was not running
- Starting jetty from cygwin is not working properly
- NullPointerException after ServletUpgradeResponse.sendForbidden is called during WebSocketCreator.createWebSocket
- SSL requests often fail with EOFException or IllegalStateException.
- NPE when using relative paths for --start-log-file
- CrossOriginFilter javadoc says "exposeHeaders", but should be "exposedHeaders"
- Bad Context ClassLoader in JSR356 WebSocket onOpen
- Content sent with status 204 (No Content)
- CrossOriginFilter does not accept wildcard for allowedHeaders
- CrossOriginFilter does not set the Vary header
- improved FileResource encoded alias checking
- Ensure exceptions do not reduce threadpool below minimum
- JSP include with can cause infinite recursion
- Socks4Proxy fails when reading less than 8 bytes.
- replace CRLF in header values with whitespace rather than ?
- iterative WriteFlusher
- AsyncProxyServlet recursion.
- Ensure WebSocketUpgradeFilter is always first in filter chain
- Format exception in ResourceCache.Content.toString()
- nosql/mongodb - Cleanup process/Refreshing does not respect encoding of attribute keys
- Expose local and remote socket address to applications
- Goal jetty:deploy-war produces errors with version 9.2.3
- Fixed order of setReuseAddress call
- WebSocketClient.stop() does not unregister from ShutdownThread
- HttpClient notifies callbacks for last chunk of content twice.
- JSR356 / EndPointConfig.userProperties are not unique per endpoint upgrade
- ProxyServlet does not filter headers listed by the Connection header.
- Overriding of web-default servlet mapping in web.xml not working with quickstart
- First redeployed servlet leaks WebAppContext
- Rename weld.mod to cdi.mod to be consistent with past module namings
- STOP.WAIT is not really respected
- Reevaluate org.eclipse.jetty.websocket.jsr356 enablement concepts
- Improve Exception message when no jndi resource to bind for a name in web.xml
- Add SecuredRedirectHandler for embedded jetty use to redirect to secure port/scheme
- Error 400 should be logged with RequestLog
- RequestLogHandler at end of HandlerCollection doesn't work
- Support setting environment variables on forked jetty with jetty:run-forked
- jetty.sh fails to start when start-stop-daemon does not exist and the user is not root
- org.eclipse.jetty.websocket.server.WebSocketServerFactory not available in OSGi
- ALPN Fail SSL Handshake if no supported Application Protocols.
- NullPointerException in ProxyServlet when extended by Servlet without a package
- Oracle Sql error on JettySessions table when this table do not exist already
- getAsyncContext ISE before startAsync on async dispatches
- Null HttpChannel.getCurrentHttpChannel() in ServletHandler.doFilter().
- NPN Specification issue in the case no protocols are selected.
- SharedBlockingCallback does not handle connector max idle time of Long.MAX_VALUE; BlockerTimeoutException not serializable
- Disable SSLv3 by default.
- test harness for slow large writes
- MultiPart file always created when "filename" set in Content-Disposition
- getPart()/getParts() fails on Multipart request if getParameter is
- called in a filter first
- HttpClient is always going to send User-Agent header even though I do not want it to.
- Refactor to make MetaData responsible for progressively ordering
- web-inf jars
- Fixed INACTIVE race in IteratingCallback
- Removed unnecessary synchronize on initParser
- Clarified selectors==0 javadoc 448840 Clarified ServerConnector
- javadoc 448839 Fixed javadoc typo in ServerConnector
- Remove start.d directory from JETTY_HOME
- WARNING: Cannot enable requested module [protonego-impl]: not a valid module name
- WebSocketUpgradeFilter must support async.
- Removed extra space in NCSA log
- create-files downloads without license
- Make jvmArgs of jetty:run-forked configurable from command line
- OutputStreamContentProvider hangs when host is not available.
New in Jetty 9.2.3 (Sep 10, 2014)
- renamed class transformer methods
- Add embedded jetty code example with JSP enabled
- Added a idleTimeout to the SharedBlockerCallback
- Handle 0 sized async gzip
- ContainerLifeCycle: beans never stopped on remove
- Update jetty-osgi to asm-5 and spifly-1.0.1
- Odd NoClassDef errors when shutting down the jetty-maven-plugin via the stop goal
- ensure 500 is logged on thrown Errors
- isEarlyEOF on HttpInput
- org.eclipse.jetty.server.ResourceCache exceptions under high load
- Jetty hangs due to deadlocks in session manager
- Update to jsp and el Apache Jasper 8.0.9
- Ssl Stackoverflow on renegotiate
- Fixed etag handling in gzipfilter
- fixed sendRedirect / encoding
- Improved insufficient threads message
- Update example xml file for second server instance to extract wars
- Quickstart generates valid XML
- Allow specific ServletContainerInitializers to be excluded
- Embedded Jetty client requests to localhost hangs with high cpu usage (NIO OP_CONNECT Solaris/Sparc).
- Improved HttpParser illegal character messages
- Fixed HttpOutput spin
- web-fragment.xml wrongly parsed for applications running in serlvet 2.4 mode
- java.lang.NullPointerException on scavenge scheduling when session id
- manager declared before shared scheduler
- Distinguish situation where jetty looks for tlds in META-INF but finds none vs does not look
New in Jetty 9.1.3 (Mar 6, 2014)
- Ensure MongoSessionManager un/binds session attributes on refresh only if necessary
- Initialize GzipHandler mimeTypes
- HttpServletResponse.setBufferSize(0) results in tight loop (100% cpu hog)
- Outgoing extensions that create multiple frames should flush them in order and atomically.
- fixed XSS in async-rest demo
- Methods of anonymous inner classes can't be called via xml
- Rework batch mode / buffering in websocket.
- Test HEAD request with async IO
- HttpRequest mangles URI query string.
- limit white space between requests
- JettyStopMojo prints some messages on System.err
- Large streaming message fails in MessageWriter.
- Delay closing async HttpOutput until after UNREADY->READY
- JDBCSession(Id)Manager use read committed isolation level
- Do not auto initialise jsr356 websocket if no annotations or EndPoints discovered
New in Jetty 9.1.2 (Feb 15, 2014)
- 408167 Complex object as session attribute not necessarily persisted.
- 423421 remove org.slf4j and org.ow2.asm from jetty-all artifact
- 424171 Old javax.activation jar interferes with email sending
- 424562 JDBCSessionManager.setNodeIdInSessionId(true) does not work
- 425275 org.eclipse.jetty.osgi.annotations.AnnotationConfiguration.BundleParserTask.getStatistic() returns null when debug is enabled.
- 425638 Fixed monitor module/xml typos
- 425696 start.jar --add-to-start={module} results in error
- 425703 Review [Queued]HttpInput.
- 425837 Upgrade to jstl 1.2.2
- 425930 JDBC Session Manager constantly reloading session if save intervall expired once
- 425998 JDBCSessionIdManager fails to create maxinterval column
- 426250 jetty-all should be deployed on release
- 426358 NPE generating temp dir name if no resourceBase or war
- 426481 fix < java 1.7.0_10 npn files
- 426739 Response with Connection: keep-alive truncated.
- 426750 isReady() returns true at EOF
- 426870 HTTP 1.0 Request with Connection: keep-alive and response content hangs.
- 427068 ServletContext.getClassLoader should only check privileges if a SecurityManager exists
- 427128 Cookies are not sent to the server.
- 427245 StackOverflowError when session cannot be de-idled from disk
- 427254 Cookies are not sent to the client.
- 427512 ReadPendingException in case of HTTP Proxy tunnelling.
- 427570 externalize common http config to start.ini
- 427572 Default number of acceptors too big.
- 427587 MessageInputStream must copy the payload.
- 427588 WebSocket Parser leaks ByteBuffers.
- 427690 Remove Mux Extension and related support.
- 427699 WebSocket upgrade response sends Sec-WebSocket-Protocol twice.
New in Jetty 9.1.0 (Nov 19, 2013)
- Fixes:
- 397167: Remote Access documentation is wrong
- 416477: QueuedThreadPool does not reuse interrupted threads
- 420776: complete error pages after startAsync
- 421362: When using the jetty.osgi.boot ContextHandler service feature the wrong ContextHandler can be undeployed
New in Jetty 9.1.0 RC 0 (Oct 4, 2013)
- 412469 make module for jetty-jaspi
- 416453 Add comments to embedded SplitFileServer example
- 416577 enhanced shutdown handler to send shutdown at startup
- 416674 run all jetty-ant tests on random ports
- 416940 avoid download of spring-beans.dtd
- 417152 WebSocket / Do all setup in websocket specific ServletContainerInitializer
- 417239 re-implemented Request.getContentRead()
- 417284 Precompiled regex in HttpField
- 417289 SPDY replace use of direct buffers with indirect buffers or make it configurable
- 417340 Upgrade JDT compiler to one that supports source/target of Java 1.7
- 417382 Upgrade to asm 4.1 and refactor annotation parsing
- 417475 Do not null context Trie during dynamic deploy
- 417490 WebSocket / @PathParam annotated parameters are null when the servlet mapping uses a wildcard
- 417561 Refactor annotation related code: change log messages
- 417574 Setting options with _JAVA_OPTIONS breaks run-forked with true
- 417831 Remove jetty-logging.properties from distro/resources
- 417938 Startup / Sort properties presented in --list-config alphabetically
- 418014 Handle NTFS canonical exceptions during alias check
- 418068 WebSocketClient has lazy or injected Executor
- 418212 org.eclipse.jetty.spdy.server.http.SSLExternalServerTest hangs
- 418227 Null cookie value test
New in Jetty 9.0.3 (May 9, 2013)
- fix cast exception in mongodb session manager
- WebSocketCloseTest fails spuriously
- allow filemappedbuffers to not be used
- Modular Start.ini
- Wrap AsyncContext to throw ISE after complete
- NPE in rendering JSP using SPDY and wrapped ServletRequest
- spdy push: resource ordering and sequential push.
- Plugin gives error when its started twice
- Redeploy with jetty-maven-plugin fails
- Query parameters and POST queries. Fixed proxy case where the path is rewritten to be absolute.
- re-enabled connector statistics
- fix constructor for PushSynInfo ignores timeout, remove timeout for creating push streams in HttpTransportOverSPDY
- Security constraints with multiple http-method-omissions can be incorrectly applied
- removed tiny race from handling of suspend and complete
- Digest Auth supports out of order nc
- Session's disconnect not detected
- Spin in Request.recycle
- Jetty startup in OSGi Equinox fails when using option jetty.home.bundle=org.eclipse.jetty.osgi.boot
- jetty-runner contains invalid signature files
- Improved handling of static content resources
- IPvredirects fail.
- Accept CRLF or LF but not CR as line termination
- Improve attribute names in Request
- Do not dispatch from complete
- Unauthorized response causes retry loop.
- @PreDestroy called after Servlet.destroy()
- java.lang.IllegalStateException: null when using JDBCSessionManager
- Reduce build logging of OSGi modules
New in Jetty 9.0.2 (Apr 19, 2013)
- FIN WAIT sockets
- reuse Deflaters in GzipFilter
- do not use the ConcurrentArrayBlockingQueue for thread pool, selector and async request log
- fixed poor methods in ArrayTernaryTrie
- Tidy up comments and code formatting for osgi
- Servlet init-param always overridden by WebServlet annotation
- spdy imeplement MAX_CONCURRENT_STREAMS
- spdy improve handling of duplicate stream Ids
- ServletContextListeners call in reverse in doStop
- InputStreamResponseListener.await returns null when request fails.
- example other server for documentation
New in Jetty 9.0.1 (Apr 19, 2013)
- add comment to jetty-https.xml describing keymanager password
- non existing resources in collection are just warnings
- fixed merged of handling of timeouts after startAsync
- Improve setParentLoaderPriorty javadoc
- Improve WebAppContext classloading javadoc
- do not managed inherited life cycle listeners
- Add an implementation of RequestLog that supports Slf4j
- Destroyables destroyed on undeploy and shutdown hook
- ConcurrentModificationException in JDBC SessionManger
- When loading a session fails the JDBCSessionManger produces duplicate session IDs
- Add support for Proxy authentication.
- close input stream used from cached resource
- spdy push properly pass through request and response headers for pushed resources
- InputStreamResponseListener early close inputStream cause hold lock.
- reseed secure random
- Do not required endpoint host checking by default in server and configure in client
- Improve handling of TLS exceptions due to raw socket close.
- setuid as LifeCycle listener
- HttpSession.setMaxInactiveInterval(int) does not change JDBCSession expiry
- WebAppContext references old WebSocket packages in system and server classes
- jetty.sh to support status which is == check
- WebSocket client module can't be used with WebSocket server module in the same WAR.
- Test harness for global error page and hide exception message from reason string
- STOP.PORT & STOP.KEY behaviour has changed
- Premature initialization of Servlets
- WebSocket Upgrade must honor case insensitive header fields in upgrade request
- Session replication fails with ClassNotFoundException when session attribute is Java dynamic proxy
- Update to javax.el 2.2.jetty.sh waits for started or failure before returning
- Named connectors
- move frameBytes.fail() call in StandardSession.flush() outside the synchronized block to avoid deadlock
- WebSocket change timeout log level from warn -> info
- Introduce WebSocketTimeoutException to differentiate between EOF on write and Timeout
- Review synchronization in SslConnection.
- HttpSession maxInactiveInterval is not serialized in HashSession
- jetty:run goal cannot be executed twice during the maven build
- Asynchronous Request Logging
- do not use the ConcurrentArrayBlockingQueue for thread pool, selector and async request log
- Use of WebSocket Session.close() results in invalid status code
- port jetty-monitor to jetty-and activate it
- JDBCSessionIdManager.doStart() method should not call cleanExpiredSessions() because Listeners can't be notified
- If cannot connect to db fail startup of JDBCSessionIdManager
- Add Vary headers rather than set them
- Jetty's AnnotationConfiguration class does not scan non-jar resources on the container classpath
- Exception from inputstream cause hang or timeout.
- org.eclipse.jetty.util.Scanner.scanFile() dies with an NPE if listFiles() returns null
- Improved parameterization of https and SPDY
- data constraint redirection does send default port
- set status when Request.setHandled(true) is called
- Replaced all StringMap usage with Tries
- Close connection if request received after half close
- Reintroduce ability to disallow TLS renegotiation.
- SPDY can only be built with the latest JDK version.
- Support IPvaddresses in DoSFilter white list.
- Allow regexs for SslContextFactory.setIncludeCipherSuites() and .setExcludeCipherSuites()
- SelectorManager accepts attachments with sockets
- servlets with load-on-startup =are not fired up on jettystartup
- Fixed Resource.newSystemResource striped / handling
- Query parameters lost for non GET or POST
New in Jetty 9.0.0 (Apr 19, 2013)
- add updated version of npn-boot jar to start.ini
- do not hold lock while calling invalidation listeners
- Destroyables destroyed on undeploy and shutdown hook
- ServletContextListener.contextInitialized() is not called when added in ServletContainerInitializer.onStartup
- removed unused getOutputStream
- StringIndexOutOfBoundsException for "/*" of fix for multiple mappings to *.jsp
- Fixed MBean setter for String[]
- Less verbose INFOs
- Improved Authentication exception messages and provided quiet servlet exception
- Dump does not login user already logged in
- Abort request if maxRequestsQueuedPerDestination is reached.
- InputStreamResponseListener CJK byte (>=128) cause EOF.
- fixed getRemoteAddr to return IP instead of hostname
- Enhance DosFilter to allow dynamic configuration of attributes.
- Ensure OSGI WebApp as Service (WebAppContext) can be deployed only through ServiceWebAppProvider
- Websocket blocking write hangs when remote client dies (or is killed) without going thru Close handshake
- org.eclipse.jetty.server.ShutdownMonitor doesn't stop after the jetty server is stopped
- Massive old gen growth when hit by lots of non persistent connections.
- httpsender PendingState cause uncertain data send to server.
- fixed URI resize in HttpParser
- Update Javadoc for WebSocketServlet for new API
- WebSocket / Session.setIdleTimeout(ms) should support in-place idle timeout changes
- updated javascript mime-type
- spdy proxy: fix race condition in nested push streams initiated by upstream server. Fix several other small proxy issues
- HttpReceiver and null pointer exception.
- Host with default port causes redirects loop.
- WebAppContext references old WebSocket packages in system and server classes
- WebSocket client module can't be used with WebSocket server module in the same WAR