Versions Compared

Old Version 2

changes.mady.by.user Mark Thomas

Saved on

compared with

New Version 3

changes.mady.by.user Mark Thomas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Security hardening.
    1. https://bz.apache.org/bugzilla/show_bug.cgi?id=55969
    2. https://bz.apache.org/bugzilla/show_bug.cgi?id=58837 (a more general mod_headers style solution)
  2. TCK + CI
    1. Integrate the Jakarta EE TCKs for Servlet, JSP, EL and WebSocket into the Tomcat CI builds
  3. HTTP/2 improvements
    1. remm to provide details
  4. Cloud functionality
    1. remm to provide details
  5. Coyote clean-up / improvements
    1. remm to provide details
  6. Add support for TLS key logging via OpenSSL to Tomcat-Native to aid debugging
  7. Look at TLS 1.3 early data and review the costs / benefits / feasability feasibility of implementing it in Apache Tomcat
  8. Check HTTP/2 priority implementation
    1. https://github.com/andydavies/http2-prioritization-issues 
    2. https://github.com/pmeenan/http2priorities/tree/master/stand-alone
    3. Review Tomcat's use of buffering. Generally, want to commit to the network as late as possible to help (re-)prioritisation work.
  9. Check Tomcat's aching behaviour
    1. https://github.com/http-tests/cache-tests
  10. Look at new(ish) cookie extensions and review the costs / benefits / feasibility of implementing them in Apache Tomcat
    1. https://scotthelme.co.uk/tough-cookies/
  11. PGP key signing