[
https://issues.apache.org/activemq/browse/AMQ-2817?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dejan Bosanac resolved AMQ-2817.
--------------------------------
Assignee: Dejan Bosanac
Fix Version/s: 5.4.0
Resolution: Fixed
Patch applied (svn revision 962512) with thanks!
> STOMP headers need sanitization
> -------------------------------
>
> Key: AMQ-2817
> URL: https://issues.apache.org/activemq/browse/AMQ-2817
> Project: ActiveMQ
> Issue Type: Bug
> Components: Transport
> Affects Versions: 5.3.2
> Reporter: James Casey
> Assignee: Dejan Bosanac
> Priority: Minor
> Fix For: 5.4.0
>
> Attachments: headers.patch
>
>
> Currently STOMP on a SEND extracts out the JMS headers and put the rest of
> the headers into the message properties. If a STOMP consumer starts to
> consume the messages, the JMS fields are put into the header and the the
> properties are put in. This can lead to a situation where if the client has
> provided a header that it shouldn't have (e.g. message-id) it overwrites the
> one provided by the broker.
> This can lead to problems with e.g. ACKs where the wrong message-id is sent
> back.
> This patch sanitizes all headers for a MESSAGE frame when they come into the
> broker so they never get set in the properties.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
