On 10/14/21 7:12 AM, Mark Thomas wrote:
The fix for bug 63362 introduced a memory leak. The object introduced to
collect metrics for HTTP upgrade connections was not released for
WebSocket connections once the WebSocket connection was closed. This
created a memory leak that, over time, could lead to a denial of service
via an OutOfMemoryError.
Question:
Is this even an issue if the Tomcat is configured to *only* listen on
443, and rejects non-HTTPS connections outright?
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
