Avoid CR / LF when setting the X-Application-Error-Info HTTP header value
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/2a611ced Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/2a611ced Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/2a611ced Branch: refs/heads/master Commit: 2a611ced3006d6043892e910142f617e2b626aa6 Parents: 032fdf5 Author: Francesco Chicchiriccò <ilgro...@apache.org> Authored: Wed Apr 26 17:38:54 2017 +0200 Committer: Francesco Chicchiriccò <ilgro...@apache.org> Committed: Wed Apr 26 17:39:03 2017 +0200 ---------------------------------------------------------------------- .../org/apache/syncope/common/lib/types/ClientExceptionType.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/2a611ced/common/lib/src/main/java/org/apache/syncope/common/lib/types/ClientExceptionType.java ---------------------------------------------------------------------- diff --git a/common/lib/src/main/java/org/apache/syncope/common/lib/types/ClientExceptionType.java b/common/lib/src/main/java/org/apache/syncope/common/lib/types/ClientExceptionType.java index 86bae14..9954b9b 100644 --- a/common/lib/src/main/java/org/apache/syncope/common/lib/types/ClientExceptionType.java +++ b/common/lib/src/main/java/org/apache/syncope/common/lib/types/ClientExceptionType.java @@ -98,7 +98,8 @@ public enum ClientExceptionType { } public String getInfoHeaderValue(final String value) { - return name() + ":" + value; + // HTTP header values cannot contain CR / LF + return (name() + ":" + value).replaceAll("(\\r|\\n)", " "); } public Response.Status getResponseStatus() {