Florian Müller commented on CMIS-1001:

Your patch only covers the createDocument and the checkIn operations of the 
Browser Binding. In both cases, the stream is embedded in a multipart message. 
If a stream gets really corrupted, the multipart message cannot be parsed and 
OpenCMIS rejects the call anyway. Your patch only protects the server from 
small corruptions that only happen when the content part is transferred.

Additionally, the Content-MD5 header is Base64 encoded, not Hex encoded. (see 
RFC 1864)

> Parse Content-MD5 Mime Header and use it for validation if present
> ------------------------------------------------------------------
>                 Key: CMIS-1001
>                 URL: https://issues.apache.org/jira/browse/CMIS-1001
>             Project: Chemistry
>          Issue Type: Improvement
>          Components: opencmis-server
>    Affects Versions: OpenCMIS 1.0.0
>            Reporter: Ron Gavlin
>            Priority: Minor
> Sometimes content streams get corrupted over the wire. Content stream hashes 
> are often used to protect against these corruptions.
> Apache Chemistry OpenCMIS should validate contentStream input to AtomPub and 
> Browser Binding CMIS operations, including setContentStream, 
> appendContentStream, checkIn, and createDocument, by comparing the content 
> stream MD5 hash against a Content-MD5 MIME header if present. A CMIS 
> invalidArgument exception should be thrown if the hashes are not equal.

This message was sent by Atlassian JIRA

Reply via email to