Summary: | Allow to use https: protocol in xsi:schemaLocation of web.xml, web-fragment.xml (validation fails with recent releases of Spring) | ||
---|---|---|---|
Product: | Tomcat 9 | Reporter: | Konstantin Kolinko <knst.kolinko> |
Component: | Catalina | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | P2 | ||
Version: | 9.0.17 | ||
Target Milestone: | ----- | ||
Hardware: | PC | ||
OS: | All |
Description
Konstantin Kolinko
2019-04-03 03:33:35 UTC
Commit that did the change in Spring Framework (beware that it has 612 changed files): https://github.com/spring-projects/spring-framework/commit/d40ed0942bbf184694ab522b54d616d63111c6be?diff=unified In the tag libraries in spring-webmvc-4.3.23.RELEASE.jar they also changed META-INF/spring.tld META-INF/spring-form.tld - xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd" + xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd" That caused a failure during scanning of tlds and compilation failures for JSPs in some configurations (7.0.93, metadata-complete="true" so that fragments are not scanned, the exact steps are TBD). Why the ROOT app of 9.0.17 that has metadata-complete="true" performs scanning and validation for web-fragment.xml is a separate question. Workaround If I turn validation off by setting org.apache.catalina.STRICT_SERVLET_COMPLIANCE=false the affected web applications start successfully. Fixed in: - master for 9.0.18 onwards - 8.5.x for 8.5.40 onwards - 7.0.x for 7.0.94 onwards I tested builds of current master and 7.0.x branches. The issue is fixed. Thank you. |