[
https://issues.apache.org/jira/browse/DISPATCH-1784?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17223102#comment-17223102
]
ASF GitHub Bot commented on DISPATCH-1784:
------------------------------------------
kgiusti closed pull request #904:
URL: https://github.com/apache/qpid-dispatch/pull/904
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
> HTTP1.x adaptor does not handle folded header lines
> ---------------------------------------------------
>
> Key: DISPATCH-1784
> URL: https://issues.apache.org/jira/browse/DISPATCH-1784
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Protocol Adaptors
> Affects Versions: 1.15.0
> Reporter: Ken Giusti
> Assignee: Ken Giusti
> Priority: Blocker
> Labels: HTTP/1.x
> Fix For: 1.15.0
>
>
> The HTTP1/x codec does not recognize headers that are "folded" as described
> in RFC1945 (HTTP/1.0 - see below) and produces undefined behavior (garbled
> headers) if encountered in the input stream.
>
> The codec needs to handle folded headers gracefully. At minimum reject (400
> "Bad Request") requests, but ideally simply remove the folding as described
> below.
>
> From RFC1945:
>
> {quote}HTTP/1.0 headers may be folded onto multiple lines if each
> continuation line begins with a space or horizontal tab. All linear
> whitespace, including folding, has the same semantics as SP. LWS = [CRLF] 1*(
> SP | HT ) However, folding of header lines is not expected by some
> applications, and should not be generated by HTTP/1.0 applications.
> {quote}
>
> From RFC7230:
>
> {quote}Historically, HTTP header field values could be extended over multiple
> lines by preceding each extra line with at least one space or horizontal tab
> (obs-fold). This specification deprecates such line folding except within the
> message/http media type...
> {quote}
>
> {quote}A server that receives an obs-fold in a request message that is not
> within a message/http container MUST either reject the message by sending a
> 400 (Bad Request), preferably with a representation explaining that obsolete
> line folding is unacceptable, or replace each received obs-fold with one or
> more SP octets prior to interpreting the field value or forwarding the
> message downstream...
> {quote}
>
> {quote}A user agent that receives an obs-fold in a response message that is
> not within a message/http container MUST replace each received obs-fold with
> one or more SP octets prior to interpreting the field value.
> {quote}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
