Feature Request

• [UNDERTOW-50] - Cookie version 0->1 conversion
• [UNDERTOW-238] - Provide OSGI Header Information
• [UNDERTOW-573] - Add support for the proxy protocol
• [UNDERTOW-717] - Support ALPN via modification of the underlying data stream
• [UNDERTOW-720] - Add support for ALPN on JDK8 that does not require modifying the boot class path
• [UNDERTOW-733] - Allow file system watch to be disabled in PathResourceManager
• [UNDERTOW-748] - No way to get the exception in DefaultResponseListener
• [UNDERTOW-753] - Make XNIO and Worker instance availble from the Undertow builder
• [UNDERTOW-760] - Support redirect in the web socket client
• [UNDERTOW-764] - Add max/current requests and connections to connector statistics
• [UNDERTOW-778] - Add array backed buffer pool allocation to ByteBufferPool
• [UNDERTOW-779] - Ability to pass context objects for WebSocketCallback in Websockets helper class
• [UNDERTOW-782] - Add more debug and trace logging
• [UNDERTOW-828] - Deprecate the no argument version of dispatch()
• [UNDERTOW-838] - Add idempotent predicate
• [UNDERTOW-855] - Server-Sent Event: retry event type support
• [UNDERTOW-857] - Add PATCH method to Methods class
• [UNDERTOW-920] - Decode requests with Content-Encoding GZIP
• [UNDERTOW-939] - Add a new attribute for a reason phrase of http response in access logging
• [UNDERTOW-945] - Make response body avaible as an exchange attribute
• [UNDERTOW-1024] - Add an experimental support for SameSite Cookie attribute
• [UNDERTOW-1049] - Add ResourceSupplier interface
• [UNDERTOW-1052] - Add errors count to metrics handler
• [UNDERTOW-1072] - Allow the session id alphabet to be customised
• [UNDERTOW-1125] - 500 error when X-FORWARDED-PORT is less than 0
• [UNDERTOW-1148] - The DeploymentManagerImpl should pass in the IdentityManager to custom AuthenticationMechanismFactory in deployment
• [UNDERTOW-1178] - Reload SSL Certs at Runtime
• [UNDERTOW-1182] - Add an option to enable Secure Cookie for the request from secure channel
• [UNDERTOW-1201] - Add ping support to the AJP client
• [UNDERTOW-1207] - Support Forwarded HTTP Extension - RFC 7239
• [UNDERTOW-1273] - Add support for checking for non zero length files

Bug

• [UNDERTOW-545] - io.undertow.server.security.SpnegoAuthenticationTestCase#testSpnegoSuccess fails on IBM 1.8 JDK
• [UNDERTOW-548] - ServletFormAuthenticationMechanism is incorrectly setting the status code
• [UNDERTOW-555] - Proxy handler incorrectly encodes matrix parameters
• [UNDERTOW-568] - access log states incorrect sizes for gzipped resources
• [UNDERTOW-676] - mod_cluster proxy: Intermittent HTTP 503 on jvmKill based failover among worker nodes
• [UNDERTOW-684] - Enabling PerMessageDeflateHandshake creates corrupt message when message size is > 300K range
• [UNDERTOW-689] - Potential race when resuming writes in AbstractFramedStreamSinkChannel
• [UNDERTOW-692] - add trace logging to the security constraint processing in wildfly/undertow
• [UNDERTOW-693] - ArrayIndexOutOfBoundsException when calling to addExchangeCompleteListener
• [UNDERTOW-694] - NullPointerException :: UT005018: Exception invoking close listener
• [UNDERTOW-696] - java.lang.NumberFormatException when extracting X-Forwarded-Port in ProxyPeerAddressHandler
• [UNDERTOW-699] - Predicate handlers that run before the servlet initial handler can't set servlet request attributes
• [UNDERTOW-701] - Wildfly 10 (& 9) websocket producing massive logs on websocket error (async send only)
• [UNDERTOW-703] - Too aggressive URL encoding in ProxyHandler
• [UNDERTOW-705] - mod_cluster does not advertise immediatly on startup, but waits for advertise_frequency
• [UNDERTOW-706] - Undertow mod_cluster proxy: AjpClientConnection: XNIO001007: java.lang.NullPointerException
• [UNDERTOW-710] - receiveFullBytes callbacks may not be called on error with some protocols
• [UNDERTOW-712] - Randomly ServerSentEventConnection$SseWriteListener.handleEvent goes into an infinite loop
• [UNDERTOW-715] - Calling setAttribute(key, value) on Session with a 'null ' value leads to a NullPointerException
• [UNDERTOW-718] - No way to get ConnectorStatistics from the Undertow builder
• [UNDERTOW-721] - Protocol name for HTTP/2 connections is reported as HTTP/1.1
• [UNDERTOW-734] - Undertow does not call the init() method of servlets that implements SingleThreadModel even when load-on-startup is set
• [UNDERTOW-735] - Error detection for when exchange is resumed and dispatched is wrong
• [UNDERTOW-740] - Reverse proxy no longer accounts for resolved path
• [UNDERTOW-742] - ResourceHandler not working anymore if path contains ..
• [UNDERTOW-743] - Provide username in trace logging for sec constraint during logout
• [UNDERTOW-746] - Web socket handshake does not correctly deal with extensions for JSR based websockets
• [UNDERTOW-754] - When batching is enabled annotated endpoint returned values are not automatically flushed
• [UNDERTOW-756] - Redirect Location header ignores X-Forwarded-Host and X-Forwarded-Port but honours X-Forwarded-Proto
• [UNDERTOW-762] - Cookies.parseSetCookieHeader cannot handle the case where the cookie value does not end in a semicolon
• [UNDERTOW-763] - javax.servlet.http.Part.getSubmittedFileName() uses wrong encoding
• [UNDERTOW-765] - Potential ArrayOutOfBoundException -1 in HttpServerExchange
• [UNDERTOW-767] - Change sessionNotFound() message to sessionIsInvalid()
• [UNDERTOW-768] - Direct buffer memory exhaustion due to slow websocket consumer
• [UNDERTOW-771] - Web authentication not treating "**" role constraint as expected
• [UNDERTOW-772] - SSE fillBuffer() does not handle data containing line breaks correctly
• [UNDERTOW-773] - ServerEndpointConfig.getExtensions() should be empty for annotated endpoints
• [UNDERTOW-776] - Resumed and dispatched when using FormDataParser
• [UNDERTOW-780] - WebSocketCallback.complete() invoked twice sometimes
• [UNDERTOW-781] - Deprecate ThreadSetupAction
• [UNDERTOW-786] - Undertow accepts HTTP/1.1 requests with no Host header
• [UNDERTOW-787] - wrong conversion for response time when requested in seconds
• [UNDERTOW-790] - Default NO_REQUEST_TIMEOUT is wrong
• [UNDERTOW-791] - Potential stack overflow with websockets when worker is shut down
• [UNDERTOW-799] - Exceptions in SslConduit finally block while accessing closed buffer
• [UNDERTOW-801] - Session container volatile update outside of sync block
• [UNDERTOW-802] - "Comment" attribute is missing in Version 1 Cookie
• [UNDERTOW-804] - Statistic for session-avg-alive-time doesn't work.
• [UNDERTOW-805] - web.xml unprotected url pattern "/" overrides role protected "/*" pattern
• [UNDERTOW-806] - SslConduit may leak file descriptors if close() is not called
• [UNDERTOW-807] - HTTP2 WINDOW_UPDATE delta is non-zero check
• [UNDERTOW-809] - Updating of maximum concurrent requests in RequestLimit works incorrect
• [UNDERTOW-810] - deflate sink channel resume/wakeupWrites may not always work
• [UNDERTOW-811] - [7.1.x] Calling HttpServletRequest.logout() with single sign-on enabled only works every second time
• [UNDERTOW-812] - (7.1.0) access log in extended mode with 'cs-uri-query' identifier logs also '?' character
• [UNDERTOW-813] - (7.1.0) Extended format of access-log - 'time-taken' identifier is just empty string
• [UNDERTOW-814] - AbstractFramedStreamSourceChannel#markStreamBroken has potential thread safety issues
• [UNDERTOW-815] - MCMP ENABLE-APP targetting a node does not work
• [UNDERTOW-816] - Check for minimal and maximal occurence of required HTTP2 request pseudo-headers
• [UNDERTOW-818] - Shift-JIS encoding data is garbled
• [UNDERTOW-819] - HTTP2 client can send incorrect headers for CONNECT requests
• [UNDERTOW-820] - Web socket client generates invalid host header for wss requests
• [UNDERTOW-821] - Check that HTTP2 pseudo-headers are listed at the beginning in request
• [UNDERTOW-822] - HTTP2 connection-specific headers check in request
• [UNDERTOW-824] - HTTP2 continuation frame processing in Undertow
• [UNDERTOW-826] - WebSockets helper class passes null instead of context in onError
• [UNDERTOW-830] - HTTP/2 processing RFC compliance issues
• [UNDERTOW-833] - [Proxy] No failover on empty response from node
• [UNDERTOW-835] - CVE-2016-7046: Long URL proxy request lead to java.nio.BufferOverflowException and DoS
• [UNDERTOW-836] - Http2ClientConnection.sendRequest should be syncronized to make sure streams arrive in order
• [UNDERTOW-837] - Incorrect redirection after authentization when using elytron
• [UNDERTOW-840] - Proxy connection still communicating after timeout
• [UNDERTOW-841] - Predicate language does not allow you to clear a header
• [UNDERTOW-847] - ProxyPeerAddressHandler should not assume port 80
• [UNDERTOW-848] - No warning logged for uncovered HTTP methods by security constraints
• [UNDERTOW-850] - HTTP/2, Proxying and chunked responses
• [UNDERTOW-851] - When server gives response 405 it should also include Allow header listing allowed methods
• [UNDERTOW-852] - Web server should return 501 for METHOD requests which are completely unknown to it
• [UNDERTOW-853] - SPDY: (Spdy|HTTP2)ClientConnection.sendRequest() shouldn't be synchronized
• [UNDERTOW-858] - Server sent event failure callback transposes event and data parameters
• [UNDERTOW-859] - ProxyHandler fails with status 400 in some cases
• [UNDERTOW-862] - after ThreadSetupAction deprecation can`t set deployment`s ThreadSetupActions and ThreadSetupHandlers through ServletExtension
• [UNDERTOW-864] - Mod_cluster status page (MCMPWebManager) returns HTTP error 404
• [UNDERTOW-870] - HTTPClientConnection does not resume reads immediatly
• [UNDERTOW-871] - Possible buffer leak if there an exception when writing the proxy request
• [UNDERTOW-872] - WebSocketStressTest hangs occasionally
• [UNDERTOW-873] - Flow control gets out of sync on the client side if HTTP/2 padding is used
• [UNDERTOW-874] - SinglePortConfidentialityHandler generates invalid URL if the client sent a full URI in the request
• [UNDERTOW-881] - AJP and HTTP/2 listeners ignore max header and parameter limits
• [UNDERTOW-883] - Missing null check in SecurityContextImpl
• [UNDERTOW-884] - FormAuthenticationMechanism.sendRedirect computes wrong location header value
• [UNDERTOW-885] - PathResourceManager cannot resolve non-normal paths that occur after a symlink segment
• [UNDERTOW-888] - Balancer actualization at runtime
• [UNDERTOW-889] - Make ServletPrintWriterDelegate use Unsafe rather than ReflectionFactory
• [UNDERTOW-891] - Resumed and dispatched when using FormDataParser
• [UNDERTOW-893] - Websocket ThreadSetupAction's are called twice for annotated endpoints
• [UNDERTOW-894] - Undertow fails to respond for big compressed websocket messages
• [UNDERTOW-895] - Improve MAX_PARAMETERS and MAX_HEADERS handling
• [UNDERTOW-896] - HTTP/2 should not be offered as an option if TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 is not present
• [UNDERTOW-897] - Framed channels can enter busy loop
• [UNDERTOW-898] - Failover targets should be chosen deterministically
• [UNDERTOW-903] - Exchange dispatch does not handle RejectedExecutionException
• [UNDERTOW-904] - Accumulating zombi socket when HTTP/2 is enabled
• [UNDERTOW-905] - Undertow balancer ignores maxAttempts atribute
• [UNDERTOW-909] - Session invalidation not reflected when coming from another concurrent request
• [UNDERTOW-910] - Task failed with an exception RejectedExecutionException
• [UNDERTOW-911] - Undertow should initalize the tmp directory before running SCIs
• [UNDERTOW-912] - Undertow allows to deploy duplicated URLs on Servlets
• [UNDERTOW-916] - PUT method does not provide form parameters
• [UNDERTOW-918] - Improve access logging output for Remote host (%h) and Remote IP (%a)
• [UNDERTOW-923] - NO_REQUEST_TIMEOUT does not work for HTTP/2
• [UNDERTOW-925] - Sender should detect if the user is attempting to send more than the content length
• [UNDERTOW-926] - Undertow connection may not be closed on IO exception in some circumstances
• [UNDERTOW-927] - Undertow builder does not work for HTTP if the SslContext is not specified
• [UNDERTOW-928] - CrawlerSessionManagerHandler throws NullPointerException
• [UNDERTOW-930] - Setting default encoding doesn't affect HttpServletRequest.characterEncoding
• [UNDERTOW-931] - UnsupportedOperationException in ChannelUpgradeHandler.removeProtocol
• [UNDERTOW-932] - mod_cluster hot standby workers are always in error mode resulting in 503
• [UNDERTOW-933] - HttpRequestParser should throw BadRequestException if there are too many query parameters
• [UNDERTOW-935] - Decoded requests still have Content-Encoding set
• [UNDERTOW-938] - Potential concurrent ConcurrentModificationException when calling AbstractFramedChannel.markReadsBroken
• [UNDERTOW-940] - ResourceHandler sets cache headers regardless of status code
• [UNDERTOW-941] - Wrong type on ListenerInfo.getListenerClass
• [UNDERTOW-947] - MCMP with Connection: Keep-Alive
• [UNDERTOW-948] - HttpClientConnection may not be closed properly on IOException when reading
• [UNDERTOW-949] - URLUtils.decode can fail to handle / characters properly if they immediatly follow an encoded character
• [UNDERTOW-950] - UT005071: Undertow request failed HttpServerExchange
• [UNDERTOW-953] - HTTP/2 frame size calc can be off by one if padding is in use
• [UNDERTOW-954] - transferFrom(final FileChannel src, final long position, final long count) can corrupt conent in some situations
• [UNDERTOW-955] - HTTP/2 continue responses may not flush correctly, resulting in no notification that it has been sent
• [UNDERTOW-958] - FORM authentication fails to change URL session id after login
• [UNDERTOW-960] - Log message on connection timeout is wrong
• [UNDERTOW-961] - File descriptors leak in MultiPartParserDefinition
• [UNDERTOW-966] - Finished listener might not be called if fixed length channel is terminated early
• [UNDERTOW-967] - Range requests do not handle ranges that exceed the resource content length correctly
• [UNDERTOW-972] - Reverse proxy does not send AJP remote address attribute (only remote host)
• [UNDERTOW-976] - SingleSignOnAuthenticationMechanism fails to destroy SSO following session invalidation if session was registered with SSO on remote node
• [UNDERTOW-980] - servlet-name '*' is not recognised for filter mappings
• [UNDERTOW-981] - ProxyPeerAddressHandler should filter default ports of a scheme
• [UNDERTOW-986] - HTTP2 listener doesn't respect MAX_HEADER_SIZE setting
• [UNDERTOW-988] - DefaultIoCallback#onException should log the IOException
• [UNDERTOW-989] - io.undertow.server.handlers.ReceiverTestCase.testAsyncReceivePartialBytes failing on Windows
• [UNDERTOW-993] - Name of Multipart Parts is parsed incorrectly when filename property comes first
• [UNDERTOW-994] - ajp connection hangs if a post HTTP request header contains 'Transfer-Encoding: chunked'
• [UNDERTOW-995] - Jetty ALPN listener does not call ALPN.remove if the protocol is unsupported
• [UNDERTOW-996] - Undertow can leak connections when using SSL if the SSLEngine creation fails for whatever reason
• [UNDERTOW-997] - http2 implementation in Undertow fails some RFC compliancy checks
• [UNDERTOW-998] - Connection is closed without HTTP response when the headers are bigger than defined header-size
• [UNDERTOW-999] - Default HTTP/2 (=> no openssl provider used) doesn't work with curl
• [UNDERTOW-1000] - Web Socket EncodingFactory does not resolve correct type
• [UNDERTOW-1003] - If an existing session id is present Undertow should check other session managers to see if it exists
• [UNDERTOW-1005] - max-parameters limit on listener value results in accepting up to max-parameters+1 value
• [UNDERTOW-1006] - JSESSIONID not trusted by CachedAuthenticatedSessionHandler
• [UNDERTOW-1008] - Charset is not parsed correctly if there is no whitespace after the delimiter
• [UNDERTOW-1009] - SSLHeaderHandler should not require base64 SSL_SESSION_ID
• [UNDERTOW-1011] - Undertow doesn't process HTTPS request sometimes
• [UNDERTOW-1012] - NPE when removing node
• [UNDERTOW-1014] - When close() is called on a client connection any pending requests may not be notified of failure
• [UNDERTOW-1016] - Mod-cluster filter throws NPE on processing IPv6 zone interface id with a subinterface
• [UNDERTOW-1020] - AjpRequestParser does not output any log message when exceeding max-parameters/max-headers
• [UNDERTOW-1021] - AJP listener should log at DEBUG level when handling 400 Bad Request like wrong magic number and invalid Content-Length
• [UNDERTOW-1027] - Elytron + TLSv1.1 + wrap attribute to false results in empty reply from server
• [UNDERTOW-1031] - Client side of ALPN implementation will fail verification if the server does not support ALPN
• [UNDERTOW-1032] - Inadequate security with Elytron + HTTP2
• [UNDERTOW-1034] - IllegalStateException: UT000002: The response has already been started
• [UNDERTOW-1037] - HttpClientConnection only attempts h2 upgrade on GET requests
• [UNDERTOW-1038] - Http2ClientConnection will always add the x-forwarded-proto header
• [UNDERTOW-1039] - HTTP2 upgrade handler cannot deal with a request body
• [UNDERTOW-1040] - Request scheme attribute is not writable
• [UNDERTOW-1045] - HTTP/2 stream sink channels may not be correctly terminated on an unclean close in some cases
• [UNDERTOW-1048] - Http2ClientConnection should not attempt to flush in sendRequest
• [UNDERTOW-1056] - HTTP/2 completion listener may not be called if channel is forcibly closed
• [UNDERTOW-1063] - Potential NPE in chunked stream source conduit in proxy
• [UNDERTOW-1064] - Extended log: problem with decoding x-A/R/S/P(XXX) log options
• [UNDERTOW-1065] - When using HTTP/2 the request complete listener can be invoked from the IO thread which can result in a race
• [UNDERTOW-1066] - HTTP upgrade based version of HTTP2ClientConnection does not setup close listener correctly
• [UNDERTOW-1068] - HTTP client connection does not correctly handle HTTP/1.0 responses that are not keep alive
• [UNDERTOW-1069] - FixedLengthStreamSourceConduit may not wakeupReads if all data has been read but -1 has not yet been returned
• [UNDERTOW-1070] - rewrite handler produces invalid URLs when used with query part
• [UNDERTOW-1071] - Reverse proxy does not work for POST requests when HTTP/2 is in use on the front end
• [UNDERTOW-1074] - Deadlock in Http2Channel
• [UNDERTOW-1075] - handleIfUnmodifiedSince refers to handleIfModifiedSince
• [UNDERTOW-1076] - HTTP/2 might send the END_STREAM flag on the second last frame instead of the last one
• [UNDERTOW-1078] - Undertow statistics collector can break in certain non-standard usecases
• [UNDERTOW-1081] - URLResource leaks file descriptors when reading the content length and last modified
• [UNDERTOW-1084] - Accidental dispatch on IO thread when using EagerFormParsingHandler
• [UNDERTOW-1085] - ServletSecurityRoleHandler throws NullPointerException
• [UNDERTOW-1092] - ReadListener.onAllDataRead is not always called
• [UNDERTOW-1093] - XnioByteBufferPool should use DefaultBufferPool for its heap buffers
• [UNDERTOW-1095] - Add optional support for RFC6265 compliant cookie validation
• [UNDERTOW-1096] - Add correct quoting to the cookie for a backward compatible behavior to EAP 6 (JBossWeb)
• [UNDERTOW-1099] - Thread safety issue with GracefulShutdownHandler#decrementRequests
• [UNDERTOW-1102] - Issue with SSLConduit close handling
• [UNDERTOW-1103] - Servlet 3.1 WriteListener causes incorrect data
• [UNDERTOW-1104] - FormEncodedDataDefinition uses request logger for IOException
• [UNDERTOW-1106] - Change default of REQUIRE_HOST_HTTP11 to true
• [UNDERTOW-1107] - UT005085 can be generated in some circumstances
• [UNDERTOW-1109] - Logging problem in PathResourceManager
• [UNDERTOW-1110] - CachedResourceManager may not invalidate correctly
• [UNDERTOW-1111] - Undertow does not respect javax.servlet.SessionCookieConfig#getMaxAge contract
• [UNDERTOW-1113] - Servlet 3.1 ReadListener/ServletInputStreamImpl are not threadsafe
• [UNDERTOW-1114] - NPE in io.undertow.client
• [UNDERTOW-1128] - Undertow not serving local content on Windows 10
• [UNDERTOW-1132] - [GSS] Filter.doFilter() is executed before Servlet.init() in Undertow while JBoss Web is the opposite
• [UNDERTOW-1134] - rewrite handler handles references to contextual values incorrect
• [UNDERTOW-1135] - Wrong schema extracted from x-forwarded-proto behind multiple upstream proxies
• [UNDERTOW-1136] - Undertow websocket server throws "UT002010: Received continuation data frame outside fragmented message"
• [UNDERTOW-1137] - Fix for UNDERTOW-432 does work correctly on windows systems
• [UNDERTOW-1139] - A not-accepted websocket extension kills the connection
• [UNDERTOW-1140] - Undertow don't call onAllDataRead of ReadListener if inputStream.read is called more times
• [UNDERTOW-1142] - Typo in log message
• [UNDERTOW-1145] - Undertow io.undertow.servlet.test.streams.ServletInputStreamTestCase gets stuck on Solaris
• [UNDERTOW-1147] - Cannot read multipart when filename with encoding info
• [UNDERTOW-1150] - Hpack ArrayOutOfBound exception when client sends invalid index
• [UNDERTOW-1151] - Session last accessed time should be updated at the start of the request and not the end
• [UNDERTOW-1152] - Undertow loggers contain unused log messages
• [UNDERTOW-1153] - Reverse proxy does not handle requests that include the hostname correctly
• [UNDERTOW-1154] - NPE when accessing via HttpClientConnection with wrong bad certificate
• [UNDERTOW-1155] - addHttpsListener ignores Key-/Trustmanagers
• [UNDERTOW-1156] - SslConduit.doUnwrap suppresses exceptions/problematic close handling
• [UNDERTOW-1157] - IOException in HttpClientConnection can result in NullPointerException if no request is active
• [UNDERTOW-1158] - Potential race in ServletInputStream state update
• [UNDERTOW-1160] - ServletPrintWriter.checkError does not flush
• [UNDERTOW-1162] - Possible race when HTTP pipelining is in use resulting in connection termination
• [UNDERTOW-1163] - Add a configurable parameter (system property) to accept comma (,) as Cookie delimiter
• [UNDERTOW-1164] - ServletOutputStreamImpl state updates can race if writes are being performed off the IO thread
• [UNDERTOW-1166] - PROXY protocol not to spec
• [UNDERTOW-1167] - HTTP/2 does not correctly send/receive trailers
• [UNDERTOW-1168] - Request trailers are not handled correctly when doing a HTTP/2 upgrade
• [UNDERTOW-1169] - HTTP client does not provide a method to send HTTP/2 pings
• [UNDERTOW-1173] - DefaultByteBufferPool leak detection percent is inverted
• [UNDERTOW-1174] - Exceptions thrown from async listeners may not be handled properly
• [UNDERTOW-1175] - RequestBufferingHandler can leak buffers on failure
• [UNDERTOW-1176] - Async servlet stream can leak buffers on failure
• [UNDERTOW-1177] - HTTP/2 streams are not terminated properly if trailers are present
• [UNDERTOW-1179] - Remove 'receivers' set from the framed channel implementation
• [UNDERTOW-1180] - Undertow is not cleaning up the resources, namely XnioWorker non daemon threads, which prevents JVM from terminating
• [UNDERTOW-1183] - ByteRangeHandler throws NullPointerException if Last-Modified header is missing
• [UNDERTOW-1185] - Undertow does not allow UTF-8 characters in URLs
• [UNDERTOW-1186] - Undertow does not enforce HTTP/2 max concurrent streams
• [UNDERTOW-1187] - java.lang.ClassNotFoundException: sun.misc.Cleaner
• [UNDERTOW-1192] - SSLConduit will not resume reads correctly if there is unwrapped data in the buffer
• [UNDERTOW-1193] - Mixing + and %20 in URL paths befuddles path parsing
• [UNDERTOW-1195] - correct value of FLUSH_PACKET_STRING in the mod_cluster MCMP implementation
• [UNDERTOW-1205] - move NodeConfig queueNewRequests and ttl defaults to ModCluster
• [UNDERTOW-1206] - MCMPHandler must convert ttl from seconds to milliseconds
• [UNDERTOW-1209] - Framed protocols have performance issues with default buffer sizes
• [UNDERTOW-1210] - mod_cluster NodePingUtil ping request is not valid
• [UNDERTOW-1211] - ProxyConnectionPool closes connection before it reaches its ttl
• [UNDERTOW-1213] - Undertow can throw NPE if start fails before worker is created
• [UNDERTOW-1214] - If a HTTP/2 request is closed because parameter validation fails the error is not handled cleanly
• [UNDERTOW-1216] - HTTP/2 channel may not call the close listener in some circumstances
• [UNDERTOW-1217] - Karaf build fails if artfiacts are not installed into local repo
• [UNDERTOW-1218] - Undertow Web-Socket when using Atmosphere
• [UNDERTOW-1219] - ProxyConnectionPool closes too many idle connections when they reach their ttl
• [UNDERTOW-1221] - url-charset="MS949" did not work in ajp-listener from EAP 7.0 CP3
• [UNDERTOW-1222] - modcluster Node getMaxCachedConnections should return maxConnections
• [UNDERTOW-1224] - ParseTimeoutUpdater and concurrency
• [UNDERTOW-1227] - Multi-part file exceeding limit error handling
• [UNDERTOW-1230] - Http2ClientConnection overwrites existing X_FORWARDED_FOR header
• [UNDERTOW-1233] - NPE on ListenerInfo.toString()
• [UNDERTOW-1234] - BlockingHandler doesn't report content-length if it fills more than one buffer
• [UNDERTOW-1237] - MultipartParser doesn't properly handle multi-line headers
• [UNDERTOW-1238] - if-match=* is not handled correctly
• [UNDERTOW-1239] - UnavailableException not handled correctly
• [UNDERTOW-1240] - Access log only logs first occurrence of a header
• [UNDERTOW-1241] - record-request-start-time does not work for HTTP/2
• [UNDERTOW-1244] - resumeReceives not always working for SSL-based WebSocketChannel
• [UNDERTOW-1245] - ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser
• [UNDERTOW-1246] - AsyncContext.dispatch(jsp) does not send content to the wrapped response
• [UNDERTOW-1247] - Incorrect behaviour of HttpSession.getLastAccessedTime()
• [UNDERTOW-1249] - Unable to decode Binary Messages if Text Decoder is set
• [UNDERTOW-1251] - CVE-2017-2666 wildfly-undertow: undertow: HTTP Request smuggling vulnerability due to permitting invalid characters in HTTP requests [eap-7.0.5]
• [UNDERTOW-1256] - Allow special characters in HTTP request
• [UNDERTOW-1257] - Relative Path attribute does not correctly encode the request URI
• [UNDERTOW-1258] - IsAsyncStarted will not return true if complete() is called immediatly
• [UNDERTOW-1259] - A 100-continue response is still sent even if the content length is known to be zero
• [UNDERTOW-1261] - 'permessage-deflate' doesn't work on JSR WebSocket impl
• [UNDERTOW-1262] - Cross context session id propagation does not work if the session is new
• [UNDERTOW-1267] - add option to allow the modcluster advertise ttl to be set
• [UNDERTOW-1268] - '%v' field of AccessLog includes port in logged server name
• [UNDERTOW-1272] - PathTemplate does not handle trailing slashes correctly for template matches
• [UNDERTOW-1274] - Cross context session creation should not set a cookie, but rely on the original contexts cookie

Task

• [UNDERTOW-752] - Remove SPDY support
• [UNDERTOW-936] - Deprecate SimpleProxyClient
• [UNDERTOW-1228] - Deprecate io.undertow.UndertowOptions#HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE

Support Request

• [UNDERTOW-1243] - Is Undertow Reverse Proxy non-blocking?

Enhancement

• [UNDERTOW-688] - Java 8 up the SessionListener interface.
• [UNDERTOW-711] - add trace logging to the SSO code in undertow
• [UNDERTOW-797] - Serve gzip encoded resources
• [UNDERTOW-803] - Enable findbugs as part of undertow build
• [UNDERTOW-842] - io.undertow.util.Sessions has duplicated code
• [UNDERTOW-929] - PathTemplateMatcher has inconsistent handling of the wildcard *
• [UNDERTOW-987] - Prepare Undertow for running in a Java 9 module environment
• [UNDERTOW-1050] - Provide information which ALPN provider is used
• [UNDERTOW-1061] - Provide metric attribute to see max number of concurrently active sessions for deployment
• [UNDERTOW-1073] - Add support for removing paths registered within RoutingHandler
• [UNDERTOW-1077] - Call doGet in DefaultServlet.doPost
• [UNDERTOW-1083] - Add getSslSession to ServerConnection
• [UNDERTOW-1108] - Warning when IPv6 address in not correctly encolsed
• [UNDERTOW-1126] - security debug logging is a little verbose
• [UNDERTOW-1131] - Do not return 'null' for the value when invalidating a cookie
• [UNDERTOW-1171] - Give the option to provide a buffer pool to the builder
• [UNDERTOW-1172] - Forcefully free direct buffers if the pool is full
• [UNDERTOW-1196] - match DUMP and INFO output of apache httpd mod_cluster
• [UNDERTOW-1200] - AjpClientConnection should handle a closed connection like HttpClientConnection
• [UNDERTOW-1204] - mod_cluster proxy: set default value of cacheConnections (smax) to 1
• [UNDERTOW-1212] - ProxyHandler should be created via a builder
• [UNDERTOW-1220] - Handling HTTP/1.0 protocol
• [UNDERTOW-1223] - Avoid mandatory to java.sql module
• [UNDERTOW-1225] - Add ability to set socket and server options at runtime
• [UNDERTOW-1229] - HttpClientConnection should use equalToString and prefix header constants
• [UNDERTOW-1232] - Servlet initialized before filters
• [UNDERTOW-1248] - Add %{RESPONSE_TIME_MICROS} as a supported attribute

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.