[
https://issues.apache.org/jira/browse/TOMEE-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17283809#comment-17283809
]
Richard Zowalla commented on TOMEE-2940:
----------------------------------------
The `Content-Type` is AFAIK checked in *cxf* (JAXRSUtils).
"-" is an invalid `Content-Type` according to RFC 7231 (missing the "/"), so I
guess, that some kind of exception should be thrown
> No header checks
> ----------------
>
> Key: TOMEE-2940
> URL: https://issues.apache.org/jira/browse/TOMEE-2940
> Project: TomEE
> Issue Type: Bug
> Components: TomEE Core Server
> Affects Versions: 8.0.5
> Reporter: François Courtault
> Priority: Critical
>
> Hello,
> Let's say that I have a method in a REST resouce file, with the following
> annotations:
> {color:#808000}@POST{color}
> {color:#808000}@Consumes{color}(\{"application/json"})
> @Produces(\{"application/json"})
> Response myMethod(final MyRequest myRequest) \{ ....}
> If use curl to target this method with the following header,I got the
> following responses:
> * *-H 'Content-Type: application/\-' : HTTP 415 error*
> * *-H 'Content-Type: -' : no HTTP error, expected to get the same error than
> above*
> * *-H 'Content-Type: -'* *and* *'Content-Length: 0' with a payload length >
> 0: no error except if we call myRequest.doSomthing() => NPE*****
> Don't think it's a good behavior, right ?
> Best Regards.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
