This is an automated email from the ASF dual-hosted git repository.

pcongiusti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/main by this push:
     new 10f05e82ac51 chore(components): use normalized charset in servlet
10f05e82ac51 is described below

commit 10f05e82ac51b50ea531509923d564ab829bf24c
Author: Pasquale Congiusti <[email protected]>
AuthorDate: Mon Oct 6 12:09:00 2025 +0200

    chore(components): use normalized charset in servlet
    
    Avoid potential security flaws
---
 .../apache/camel/component/jetty/CamelContinuationServlet.java   | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git 
a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/CamelContinuationServlet.java
 
b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/CamelContinuationServlet.java
index ffbb513e3c37..2697e1f6c482 100644
--- 
a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/CamelContinuationServlet.java
+++ 
b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/CamelContinuationServlet.java
@@ -17,7 +17,6 @@
 package org.apache.camel.component.jetty;
 
 import java.io.IOException;
-import java.nio.charset.Charset;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
@@ -43,6 +42,7 @@ import org.apache.camel.http.common.HttpConsumer;
 import org.apache.camel.http.common.HttpMessage;
 import org.apache.camel.spi.UnitOfWork;
 import org.apache.camel.support.ObjectHelper;
+import org.apache.camel.util.IOHelper;
 import org.apache.camel.util.UnsafeUriCharactersEncoder;
 
 /**
@@ -201,10 +201,9 @@ public class CamelContinuationServlet extends CamelServlet 
{
                 exchange.setProperty(Exchange.DISABLE_HTTP_STREAM_CACHE, 
Boolean.TRUE);
             }
 
-            String charset = request.getCharacterEncoding();
-            if (charset != null && Charset.isSupported(charset)) {
-                exchange.setProperty(ExchangePropertyKey.CHARSET_NAME, 
charset);
-            }
+            String normalizedCharset = 
IOHelper.getCharsetNameFromContentType(contentType);
+            exchange.setProperty(ExchangePropertyKey.CHARSET_NAME, 
normalizedCharset);
+
             // reuse existing http message if pooled
             Message msg = exchange.getIn();
             if (msg instanceof HttpMessage) {
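Review bot: The added `exchange.setProperty(ExchangePropertyKey.CHARSET_NAME, normalizedCharset)` is unconditional, so the `charset != null && Charset.isSupported(charset)` guard that the removed lines applied to this client-supplied value no longer exists. `contentType` is assigned outside this hunk and the body of `IOHelper.getCharsetNameFromContentType` is not shown, so please confirm that the helper tolerates a null `contentType` (a request with no Content-Type header) and never returns a name the JVM cannot resolve. If it only normalizes the string, an unsupported or malformed charset from the header could now surface later as an exception when the body is decoded. In that case keep a check before setting the property, for example `if (normalizedCharset != null && Charset.isSupported(normalizedCharset))`, which would mean keeping the `java.nio.charset.Charset` import that the first hunk removes; note that `Charset.isSupported` itself throws `IllegalCharsetNameException` for syntactically illegal names. The enclosing method begins and ends outside this hunk.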
