The Apache Tomcat® software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. The Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket specifications are developed under the Java Community Process.
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here.
Apache Tomcat software powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations. Some of these users and their stories are listed on the PoweredBy wiki page.
Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation.
Changelog Apache Tomcat 8.5.47
- Use URL safe base 64 encoding rather than standard base 64 encoding when generating or parsing the
HTTP2-Settingsheader as part of an HTTP upgrade to
h2cas required by RFC 7540. (markt)
- 63765: NIO2 should try to unwrap after TLS handshake to avoid edge cases. (remm)
- 63766: Ensure Processor objects are recycled when processing an HTTP upgrade connection that terminates before processing switches to the Processor for the upgraded protocol. (markt)
- 63781: When performing various checks related to the visibility of classes, fields an methods in the EL implementation, also check that the containing modeul has been exported. (markt)
- 63753: Ensure that the
Hostheader in a Web Socket HTTP upgrade request only contains a port if a non-default port is being used. (markt)
- When running on Java 9 and above, don’t attempt to instantiate WebSocket Endpoints found in modules that are not exported. (markt)
- Add Javadoc for the Common Annotations API implementation. (markt)
- When connections are validated without an explicit validation query, ensure that any transactions opened by the validation process are committed. Patch provided by Pascal Davoust. (markt)
org.apache.tomcat.util.compat.TLS. Its functionality was only used for unit tests in
org.apache.tomcat.util.net.TesterSupportand has been moved there. (rjung)
- 63759: When installing Tomcat with the Windows installer, grant sufficient privileges to enable the uninstaller to execute when user account control is active. (markt)
- Use a build property to define the minimum supported Java version and use that build property to reduce the number of edits required to update the minimum supported Java version. (markt)
- 63767: Update to Commons Daemon 1.2.2. This corrects a regression in Commons Daemon 1.2.0 and 1.2.1 that caused the Windows Service to crash on start when running on an operating system that had not been fully updated. (markt)