Mark Thomas
Mark Thomas
I'm also not a fan of adding a CDI dependency to the Servlet spec. Reading through the CDI spec again my reading of section 5.4 is that the expected behaviour...
The discussion diverged from the original question, which I believe has been answered.
Thinking specifically about HTTP header values: From the HTTP spec: > Historically, HTTP has allowed field content with text in the > ISO-8859-1 charset [ISO-8859-1], supporting other charsets only >...
+1 While I don't see any reason an application would want to do that, I also don't see any reason to limit it.
Good point. Updated.
It is still present in Java 21 so that isn't an issue yet. And folks that want a 2.1 API without any SecurityManager calls can always use 2.1.0 once it...
I'm not seeing anything in the Javadoc (looking at Java 21 the most recent available) that would justify any Java implementation providing anything other than the pre-deprecation behaviour. Can you...
I have no objection to handling the removal of the `SecurityManager` functionality once we know what that looks like but at this point all we can do is guess what...
So, options: 1) do nothing 1) release 2.1.1 as-is (a first RC is on staging now for review) 1) refactor the current implementation to handle what might go wrong in...
> My impression is that SecurityManager is a dummy since JDK 17 and can be left from the code since then. Reviewing the SecurityManager and associated implementations in the latest...