[jira] [Resolved] (CXF-5598) Header field name comparison not correct in CrossOriginResourceSharingFilter

Sergey Beryozkin (JIRA) Tue, 11 Mar 2014 06:00:26 -0700

     [ 
https://issues.apache.org/jira/browse/CXF-5598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sergey Beryozkin resolved CXF-5598.
-----------------------------------

       Resolution: Fixed
    Fix Version/s: 2.6.14
                   2.7.11
                   3.0.0
         Assignee: Sergey Beryozkin

> Header field name comparison not correct in CrossOriginResourceSharingFilter
> ----------------------------------------------------------------------------
>
>                 Key: CXF-5598
>                 URL: https://issues.apache.org/jira/browse/CXF-5598
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS, JAX-RS Security
>    Affects Versions: 2.7.10
>            Reporter: Antonio Sargento
>            Assignee: Sergey Beryozkin
>              Labels: cors
>             Fix For: 3.0.0, 2.7.11, 2.6.14
>
>
> The CrossOriginResourceSharingFilter is not handled correctly the header 
> field name comparison (ex: method effectiveAllowHeaders).
> On RFC 2616, "Hypertext Transfer Protocol -- HTTP/1.1", 4.2, "Message 
> Headers":
> {panel}
> Each header field consists of a name followed by a colon (":") and the field 
> value. Field names are case-insensitive.
> {panel}.
> Even http://www.w3.org/TR/cors points that on 3. "Terminology" (ASCII 
> case-insensitive match).



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Resolved] (CXF-5598) Header field name comparison not correct in CrossOriginResourceSharingFilter

Reply via email to