DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41170>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41170 Summary: single crlf in header termination crashes app. Product: Tomcat 5 Version: 5.0.28 Platform: Other OS/Version: Windows Server 2003 Status: NEW Keywords: RFC Severity: normal Priority: P2 Component: Connector:AJP AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] In modjk (latest version i could find ) for IIS there is a possible bug in function: static int JK_METHOD start_response(jk_ws_service_t *s, int status, const char *reason, const char *const *header_names, const char *const *header_values, unsigned int num_of_headers) { It creates a response buffer and it works fine if there are headers to send: if (num_of_headers) { ... else { however if there are no headers to send it merely sends a single crlf in the header buffer. headers_str = crlf; } } The description for HSE_REQ_SEND_RESPONSE_HEADER at: http://msdn.microsoft.com/library/default.asp?url=/library/en- us/iissdk/html/ad17aeb4-bb70-4755-83a2-c4cec7fa5ecb.asp "If you append your own headers to the server-generated headers, you must terminate the header string with an extra carriage return and linefeed." also seems to mean that once you have no headers to send then you need to make sure you terminate the header by adding an extra crlf (double crlf) as per the RFC So sending a single crlf would not be valid (browsers will ignore error this but we ran into an app called documentum that crashes while parsing the header.) Oddly enough IIS copes with and seems to correct the header (at least in Win2K3 SP1) except in one case and that is where another ISAPI filter is chained on and in the NOTIFY_SEND_RESPONSE and that filter READS the www-authenticate header!!! then IIS passes the buffer that mod_jk sends it transparently and the client sees the header with a single crlf. Appending an additional crlf when there is no header seems to take care of the problem. Hope this is enough detail please feel free to contact me ! all the Best Con . -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
