Http11

The Hypertext Transfer Protocol (HTTP) is an application layer protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, where hypertext documents include hyperlinks to other resources that the user can easily access, for example by a mouse click or by tapping the screen in a web browser. Squid-3.2 claims HTTP/1.1 support. Squid v3.1 claims HTTP/1.1 support but only in sent requests (from Squid to servers). Earlier Squid versions do not claim HTTP/1.1 support by default because they cannot fully handle Expect:100-continue, 1xx responses, and/or chunked messages. Come effettuare richieste HTTP/1.1. The original model of HTTP, and the default one in HTTP/1.0, is short-lived connections. Each HTTP request is completed on its own connection; this means a TCP handshake happens before each HTTP request, and these are serialized. The first usable version of HTTP was created in 1997. Because it went through several stages of development, this first version of HTTP was called HTTP/1.1. This version is still in use on the web. In 2015, a new version of HTTP called HTTP/2 was created.

Hi, I moved the tomcat application/openkm to my nas box and have a strange situation with firefox, particularly on linux.
Windows Client
IE11 - Working with Java Applet for Uploading / Scanning

Http11nio2protocol


Chrome v38 - Working with Java Applet for Uploading / Scanning
Firefox 33 - Reports Java Deployment Toolkit has known security vulnerabilities and has therefore been blocked. - but otherwise works
Ubuntu Client

Http 1.1403

Chrome v38 - Working without Java support i.e. no Uploading / Scanning due to removal of NPAPI support - but otherwise works
Http11Firefox 33 - Just get a blank screen. No warnings, etc but in the error log, i get the message below.
2014-10-31 10:47:23,156 [http-apr-0.0.0.0-8080-exec-4] INFO org.apache.coyote.http11.Http11AprProcessor- Error parsing HTTP request header
Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.

When i used the Ubuntu clients to access the application on the Ubuntu Desktop which connects to the nas db, it works fine.

Introduction

The follow sections list the system properties that may be set to modify the default JBossWeb behaviour.

The system-propertiescan be set in the AS7 configuration (you need to restart it to get them applied to the web sub system, for example: then restart it for some properties a reload command is enough:

Servlet container and connectors

AttributeDescription
jvmRoute

Provides a default value for the jvmRoute attribute. It does not override the automaticaly generated value used when using ha read with using configuration like standalone-ha.xml

It supports :reload.

org.apache.tomcat.util.buf.StringCache.byte.enabled

If true, the String cache is enabled for ByteChunk. If not specified, the default value of false will be used.

org.apache.tomcat.util.buf.StringCache.char.enabled

If true, the String cache is enabled for CharChunk. If not specified, the default value of false will be used.

org.apache.tomcat.util.buf.StringCache.trainThreshold

The number of times toString() must be called before the cache is activated. If not specified, the default value of 20000 will be used.

org.apache.tomcat.util.buf.StringCache.cacheSize

The size of the String cache. If not specified, the default value of 200 will be used.

org.apache.tomcat.util.buf.StringCache.maxStringSize

The maximum length of String that will be cached. If not specified, the default value of 128 will be used.

org.apache.tomcat.util.http.FastHttpDateFormat.CACHE_SIZE

The size of the cache to use parsed and formatted date value. If not specified, the default value of 1000 will be used.

org.apache.catalina.core.StandardService.DELAY_CONNECTOR_STARTUP

If true, the connector startup will not be done automatically. Useful in embedded mode.

org.apache.catalina.connector.Request.SESSION_ID_CHECK

If true, the Servet container will verify that a session exists in a context with the specified session id before creating a session with that id.

org.apache.coyote.Constants.USE_CUSTOM_STATUS_MSG_IN_HEADER

If this is true custom HTTP status messages will be used within HTTP headers. Users must ensure that any such message is ISO-8859-1 encoded, particularly if user provided input is included in the message, to prevent a possible XSS vulnerability. If not specified the default value of false will be used.

org.apache.tomcat.util.http.Parameters.MAX_COUNT

The maximum amount of parameters that can be parsed in a post body. If exceeded, parsing will fail using an IllegalStateException. The default value is 512 parameters.

org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT

The maximum amount of headers that can be sent in the HTTP request. If exceeded, parsing will fail using an IllegalStateException. The default value is 128 headers.

org.apache.tomcat.util.net.MAX_THREADS

The maximum number of threads a connector is going to use to process requests. The default value is 32 x Runtime.getRuntime().availableProcessors(). (512 x Runtime.getRuntime().availableProcessors() for the JIO connector)

org.apache.coyote.http11.Http11Protocol.MAX_HEADER_SIZE

The maximum size of the HTTP headers, in bytes. If exceeded, parsing will fail using an ArrayOutOfBoundsExceptions. The default value is 8192 bytes.

org.apache.coyote.http11.Http11Protocol.COMPRESSION

Allows using simple compression with the HTTP connector. The default value is off, and compression can be enabled using the value on to enable it conditionally, or force to always enable it.

org.apache.coyote.http11.Http11Protocol.COMPRESSION_RESTRICTED_UA

User agents regexps that will not receive compressed content. The default value is empty.

org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIME_TYPES

Content type prefixes of compressible content. The default value is text/html,text/xml,text/plain.

org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIN_SIZE

Minimum size of content that will be compressed. The default value is 2048 bytes.

org.apache.coyote.http11.DEFAULT_CONNECTION_TIMEOUT

Default socket timeout. The default value is 60000 ms.

org.apache.coyote.http11.DEFAULT_KEEP_ALIVE_TIMEOUT

Default socket timeout for keep alive. The default value is -1 ms, which means it will use the default socket timeout.

EL

AttributeDescription
org.apache.el.parser.COERCE_TO_ZERO

If true, when coercing expressions to numbers ' and null will be coerced to zero as required by the specification. If not specified, the default value of true will be used.

JSP

AttributeDescription
org.apache.jasper.compiler.Generator.VAR_EXPRESSIONFACTORY

The name of the variable to use for the expression language expression factory. If not specified, the default value of _el_expressionfactory will be used.

org.apache.jasper.compiler.Generator.VAR_INSTANCEMANAGER

The name of the variable to use for the instance manager factory. If not specified, the default value of _jsp_instancemanager will be used.

org.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING

If false the requirements for escpaing quotes in JSP attributes will be relaxed so that a missing required quote will not cause an error. If not specified, the specification compliant default of true will be used.

org.apache.jasper.Constants.DEFAULT_TAG_BUFFER_SIZE

Any tag buffer that expands beyond org.apache.jasper.Constants.DEFAULT_TAG_BUFFER_SIZE will be destroyed and a new buffer created of the default size. If not specified, the default value of 512 will be used.

org.apache.jasper.runtime.JspFactoryImpl.USE_POOL

If true, a ThreadLocal PageContext pool will be used. If not specified, the default value of true will be used.

org.apache.jasper.runtime.JspFactoryImpl.POOL_SIZE

The size of the ThreadLocal PageContext. If not specified, the default value of 8 will be used.

org.apache.jasper.Constants.JSP_SERVLET_BASE

The base class of the Servlets generated from the JSPs. If not specified, the default value of org.apache.jasper.runtime.HttpJspBase will be used.

org.apache.jasper.Constants.SERVICE_METHOD_NAME

The name of the service method called by the base class. If not specified, the default value of _jspService will be used.

org.apache.jasper.Constants.SERVLET_CLASSPATH

The name of the ServletContext attribute that provides the classpath for the JSP. If not specified, the default value of org.apache.catalina.jsp_classpath will be used.

org.apache.jasper.Constants.JSP_FILE

The name of the request attribute for <jsp-file> element of a servlet definition. If present on a request, this overrides the value returned by request.getServletPath() to select the JSP page to be executed. If not specified, the default value of org.apache.catalina.jsp_file will be used.

org.apache.jasper.Constants.PRECOMPILE

The name of the query parameter that causes the JSP engine to just pregenerate the servlet but not invoke it. If not specified, the default value of org.apache.catalina.jsp_precompile will be used.

org.apache.jasper.Constants.JSP_PACKAGE_NAME

The default package name for compiled jsp pages. If not specified, the default value of org.apache.jsp will be used.

org.apache.jasper.Constants.TAG_FILE_PACKAGE_NAME

The default package name for tag handlers generated from tag files. If not specified, the default value of org.apache.jsp.tag will be used.

org.apache.jasper.Constants.TEMP_VARIABLE_NAME_PREFIX

Prefix to use for generated temporary variable names. If not specified, the default value of _jspx_temp will be used.

org.apache.jasper.Constants.USE_INSTANCE_MANAGER_FOR_TAGS

If true, the instance manager is used to obtain tag handler instances. If not specified, false will be used.

org.apache.jasper.Constants.INJECT_TAGS

If true, annotations specified in tags will be processed and injected. This can have a performance impact when using simple tags, or if tag pooling is disabled. If not specified, true will be used.

Security

AttributeDescription
org.apache.catalina.connector.RECYCLE_FACADES

If this is true or if a security manager is in use a new facade object will be created for each request. If not specified, the default value of false will be used.

org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH

If this is true the ' character will be permitted as a path delimiter. If not specified, the default value of false will be used.

org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH

If this is true '%2F' and '%5C' will be permitted as path delimiters. If not specified, the default value of false will be used.

Http1.1 Drawback

Specification

Rfc2616

AttributeDescription
org.apache.catalina.STRICT_SERVLET_COMPLIANCE

If this is true the following actions will occur:

  • any wrapped request or response object passed to an application dispatcher will be checked to ensure that it has wrapped the original request or response. (SRV.8.2 / SRV.14.2.5.1)
  • a call to Response.getWriter() if no character encoding has been specified will result in subsequent calls to Response.getCharacterEncoding() returning ISO-8859-1 and the Content-Type response header will include a charset=ISO-8859-1 component. (SRV.15.2.22.1)
  • every request that is associated with a session will cause the session's last accessed time to be updated regardless of whether or not the request explicity accesses the session. (SRV.7.6)
org.apache.catalina.core.StandardWrapperValve.SERVLET_STATS

If true or if org.apache.catalina.STRICT_SERVLET_COMPLIANCE is true, the wrapper will collect the JSR-77 statistics for individual servlets. If not specified, the default value of false will be used.

org.apache.catalina.session.StandardSession.ACTIVITY_CHECK

If this is true or if org.apache.catalina.STRICT_SERVLET_COMPLIANCE is true Tomcat will track the number of active requests for each session. When determining if a session is valid, any session with at least one active request will always be considered valid. If not specified, the default value of false will be used.