Hi all,

I have some questions about the documentation of the ISAPI Connector 1.2.32 
(and about the connector itself).


1. In the Reference Guide for IIS 
(http://tomcat.apache.org/connectors-doc/reference/iis.html), the registry 
options are listed. For the option "enable_chunked_encoding" which controls if 
chunked encoding is used, there is the note:

"This option is considered experimental and its support must be compile time 
enabled. Use isapi_redirect.dll with chunked support enabled."

Is enabling chunked encoding still considered experimental? I have been using it for
a year or so on IIS 7 and have never encountered any problems with it (besides one
or two bugs which I reported and got fixed). Also, I'm not sure if the phrase 
"its support must be compile time enabled" currently still applies, as it seems 
that the binaries are always compiled with support for chunked encoding since 
1.2.30 or so.


I would consider chunked encoding support as a requirement for optimal 
performance, because without supporting it, each time a response is sent to a 
client without knowing the Content-Length in advance, the TCP connection has to 
be closed (and re-opened when another request should be performed), which is 
why I always enable chunked encoding in the ISAPI connector.

If there are no problems with the chunked encoding reported, maybe the docs 
could be changed to remove the "experimental" note? Maybe even the default 
value for "enable_chunked_encoding" in the connector itself could be changed 
from "false" to "true"? 


2. I observed that when a request is made to IIS which is mapped to Tomcat, and 
the request path contains the string "WEB-INF", like
http://www.example.com/test/asdf/blahblah/blah/WEB-INF/blahbla/asdf
then the ISAPI connector logs a statement like this:

[Sat Mar 10 22:34:58.030 2012] [11744:10792] [emerg] 
handle_notify_event::jk_isapi_plugin.c (1997): 
[/test/asdf/blahblah/blah/WEB-INF/blahbla/asdf] points to the web-inf or 
meta-inf directory. Somebody tries to hack into the site!!!

If I remember correctly, in some earlier versions of the ISAPI connector (or 
IIS), in such cases the TCP connection from IIS to the client would also be 
closed without any reply; however, in the current version, a 404 reply is sent 
from the ISAPI connector.

I'm wondering why the ISAPI redirector checks if "WEB-INF" occurs in the 
path, because Tomcat seems to already check if a request is made to the WEB-INF 
or META-INF directory of a web application, and if so, sends back a normal 404 
response. Is this a kind of relic from earlier times? Because I would expect 
that the ISAPI redirector just passes the request to Tomcat and lets Tomcat 
decide how requests to forbidden directories are handled, without writing an 
"emergency" log entry. 


Thanks!

Regards,
Konstantin Preißer
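
For triaging the entries described in point 2, an added example (not part of the original message and not the connector's own code): a parser for the log layout quoted above that extracts the rejected request paths and counts them per protected directory. The sample log is constructed from the quoted entry; the function names and all entries other than the first are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Layout taken from the log entry quoted in the message; the e-mail wrapped
# that entry across several lines, here each entry is one line.
ENTRY = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[(?P<pid>\d+):(?P<tid>\d+)\] \[(?P<level>\w+)\] "
    r"(?P<func>\w+)::(?P<src>[\w.]+) \((?P<lineno>\d+)\): (?P<msg>.*)$"
)
BLOCKED = re.compile(r"^\[(?P<uri>.*)\] points to the web-inf or meta-inf directory\.")

# Constructed sample: entry 1 is the one from the message, the rest are made up.
SAMPLE_LOG = """\
[Sat Mar 10 22:34:58.030 2012] [11744:10792] [emerg] handle_notify_event::jk_isapi_plugin.c (1997): [/test/asdf/blahblah/blah/WEB-INF/blahbla/asdf] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!
[Sat Mar 10 22:35:02.114 2012] [11744:10792] [info] example_func::example.c (1): constructed unrelated entry
[Sat Mar 10 22:35:07.481 2012] [11744:10800] [emerg] handle_notify_event::jk_isapi_plugin.c (1997): [/app/META-INF/MANIFEST.MF] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!
[Sat Mar 10 22:35:09.902 2012] [11744:10800] [emerg] handle_notify_event::jk_isapi_plugin.c (1997): [/app/WEB-INF/web.xml] points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!
"""

def blocked_requests(log_text):
    """Return (timestamp, uri, directory) for every rejected WEB-INF/META-INF request."""
    hits = []
    for raw in log_text.splitlines():
        entry = ENTRY.match(raw.strip())
        if not entry or entry["level"] != "emerg":
            continue
        blocked = BLOCKED.match(entry["msg"])
        if not blocked:
            continue
        ts = datetime.strptime(entry["ts"], "%a %b %d %H:%M:%S.%f %Y")
        uri = blocked["uri"]
        # Triage label only; how the connector itself matches is not shown on the page.
        directory = "WEB-INF" if "web-inf" in uri.lower() else "META-INF"
        hits.append((ts, uri, directory))
    return hits

def summarize(hits):
    """Count rejected requests per protected directory."""
    return Counter(directory for _, _, directory in hits)

if __name__ == "__main__":
    for ts, uri, directory in blocked_requests(SAMPLE_LOG):
        print(ts.isoformat(), directory, uri)
    print(dict(summarize(blocked_requests(SAMPLE_LOG))))
```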

