Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-1777

Overflow when setting Expires header in WebResource

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.3.4, 1.4-M3
    • 1.3.5, 1.4-RC1
    • wicket
    • None

    Description

      problematic code:

      response.setDateHeader("Expires", System.currentTimeMillis() + (getCacheDuration() * 1000));

      getCacheDuration() * 1000 is an integer operation causing an overflow if getCacheDuration() is set to be > MAX_INT/1000 seconds (approx. 25 days) which is by far less than the w3c recommendation for "never expires":

      "To mark a response as "never expires," an origin server sends an Expires date approximately one year from the time the response is sent. HTTP/1.1 servers SHOULD NOT send Expires dates more than one year in the future."
      http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21

      changing getCacheDuration() to return long or forcing a long operation fixes the problem:

      response.setDateHeader("Expires", System.currentTimeMillis() + getCacheDuration() * 1000L);

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            ivaynberg Igor Vaynberg
            sfussenegger Stefan Fussenegger
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 5m
                5m
                Remaining:
                Remaining Estimate - 5m
                5m
                Logged:
                Time Spent - Not Specified
                Not Specified

                Issue deployment