Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- 2.0.7
Description
HTTP server decoding (aka HttpServerDecoder) is broken in several parts:
1) It makes the assertion that PUT and POST requests must have a non-zero length body. This is false; think about REST requests: an empty PUT request can be used to create a server-initialized entry, and an empty POST request can be used to change properties where the value is stored in the URL (/rest/1234/status/cancelled). In that case, an exception is thrown but the state is not reset, so the remaining decoding will fail.
2) It also makes the assumption that only PUT and POST requests can have a body. I can't find a significant case, but I tried a GET request with a body on Google (GPE), Microsoft (IIS) and Apache (Apache), and Google was the only server to reject the request as malformed.
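
A sketch of the behaviour the report asks for, added here as an example and not taken from MINA's HttpServerDecoder: the body length comes from Content-Length for any method, and a parse error resets the decoder before it propagates. The class name `RequestDecoder` is hypothetical and the requests fed to it are constructed; chunked transfer encoding is out of scope.

```python
class RequestDecoder:
    """Hypothetical incremental HTTP/1.1 request decoder, not MINA's class."""

    def __init__(self):
        self._reset()

    def _reset(self):
        self.buf = b""    # bytes received but not yet decoded
        self.head = None  # (method, target) once a request head is parsed
        self.need = 0     # body bytes still expected for that request

    def feed(self, data):
        """Append bytes; return every complete (method, target, body)."""
        self.buf += data
        done = []
        try:
            while True:
                if self.head is None:
                    end = self.buf.find(b"\r\n\r\n")
                    if end < 0:
                        break  # head incomplete, wait for more bytes
                    lines = self.buf[:end].decode("latin-1").split("\r\n")
                    self.buf = self.buf[end + 4:]
                    method, target, _version = lines[0].split(" ")
                    headers = {}
                    for line in lines[1:]:
                        name, value = line.split(":", 1)
                        headers[name.strip().lower()] = value.strip()
                    # Body length comes from the headers, never the method:
                    # no Content-Length means an empty body, PUT/POST included.
                    length = headers.get("content-length", "0")
                    if not (length.isascii() and length.isdigit()):
                        raise ValueError("bad Content-Length")
                    self.head, self.need = (method, target), int(length)
                if len(self.buf) < self.need:
                    break  # body incomplete, wait for more bytes
                body, self.buf = self.buf[:self.need], self.buf[self.need:]
                done.append((*self.head, body))
                self.head, self.need = None, 0
        except ValueError:
            self._reset()  # clear partial state so later input still decodes
            raise
        return done
```

Because a GET body is consumed according to its Content-Length, those bytes are never left in the buffer to be parsed as the start of the next request on the same connection.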