[Bug 54457] New: HTTP status codes for errors getting overwritten with status code 500

Mon, 21 Jan 2013 11:32:02 -0800 

https://issues.apache.org/bugzilla/show_bug.cgi?id=54457

            Bug ID: 54457
           Summary: HTTP status codes for errors getting overwritten with
                    status code 500
           Product: Tomcat 7
           Version: trunk
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: jsch...@amazon.com
    Classification: Unclassified

In the AbstractHttp11Processor class, errors that occur during the parsing of
headers don't result in the correct HTTP status code. The status codes are
always being overwritten with a status of 500.  

For example when errors occurs during the processing of HTTP headers, it is
caught in the following block of code.  This code sets the HTTP status to 400
and sets the 'error' boolean to true.

963     } catch (Throwable t) {
964     ExceptionUtils.handleThrowable(t);
965     if (getLog().isDebugEnabled()) {
966     getLog().debug(
967     sm.getString("http11processor.header.parse"), t);
968     }
969     // 400 - Bad Request
970     response.setStatus(400);
971     adapter.log(request, response, 0);
972     error = true;
973     }

Later on in the same method, if error is true it sets the HTTP status to 500
which clobbers the HTTP status of 400 from above. 

1053     // If there was an error, make sure the request is counted as
1054     // and error, and update the statistics counter
1055     if (error) {
1056     response.setStatus(500);
1057     }

The same problem occurs for HTTP status codes set on the following lines:
937     response.setStatus(503);
970     response.setStatus(400);
987     response.setStatus(400);

The following patch seems to fix the problem.  Basically if an error has
occurred but the HTTP status code is still 'OK', then set the status to 500.

--- java/org/apache/coyote/http11/AbstractHttp11Processor.java      2012-07-30
00:00:00.000000000 0000
+++ java/org/apache/coyote/http11/AbstractHttp11Processor.java      2012-07-30
00:00:00.000000000 0000
@@ -1050,7 +1058,9 @@

             // If there was an error, make sure the request is counted as
             // and error, and update the statistics counter
-            if (error) {
+            // Don't update change the response status for an error 
+            // if one has already been set 
+            if (error && response.getStatus() == 200) {
                 response.setStatus(500);
             }
             request.updateCounters();

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to