[
https://issues.apache.org/jira/browse/JCR-4158?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16104493#comment-16104493
]
Julian Reschke commented on JCR-4158:
-------------------------------------
FWIW, the servlet API makes it extremely easy to get this wrong - any call to
{{ServletRequest.getInputStream()}} which doesn't *properly* handle the
{{Content-Encoding}} header field will be broken.
Properly handling {{Content-Encoding}} requires:
- to properly handle multiple header field instances
- to parse each field into distinct values (comma delimiter)
- to process *all* encoding values in the correct order
Doing this wrong might cause "harmless" errors (like request failing with
obscure 4xx or 5xx status codes), but also request apparently succeeding but
not doing what the caller intended (see example above).
> jackrabbit-server doesn't handle content-codings properly
> ---------------------------------------------------------
>
> Key: JCR-4158
> URL: https://issues.apache.org/jira/browse/JCR-4158
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-jcr-server
> Affects Versions: 2.15.4
> Reporter: Julian Reschke
> Assignee: Julian Reschke
>
> test with jackrabbit-standalone:
> {noformat}
> curl -v -u admin:admin -H "content-encoding: foo" -T filename
> http://localhost:8080/repository/default/
> {noformat}
> This should result in a 4xx status (optimally 415).
> In general, all fields in content-coding must be processed, and any unknown
> field must cause a 4xx status.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
