[CXF-4056] Faults on server are echoing headers back to the client - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.2
Fix Version/s: 2.3.10, 2.4.7, 2.5.3
Component/s: Soap Binding
Labels:
None

Estimated Complexity:
Unknown

Description

The SoapHeaderOutFilterInterceptor that filters out the incoming headers is only installed on the Out chain. It's not installed on the OutFault chain. Thus, all the incoming headers are echoed back to the client which could result in WS-Addressing issues, security issues, etc...

Attachments

Activity

People

Assignee:: Daniel Kulp

Reporter:: Daniel Kulp

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 23/Jan/12 18:36

Updated:: 23/Apr/12 16:45

Resolved:: 23/Jan/12 20:27