Author: markt
Date: Sat Jun 13 20:31:13 2009
New Revision: 784465
URL: http://svn.apache.org/viewvc?rev=784465&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=46552
Return a 400 rather than a 200 if headers are too large
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11Processor.java
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
tomcat/container/tc5.5.x/webapps/docs/changelog.xml
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11Processor.java?rev=784465&r1=784464&r2=784465&view=diff
==============================================================================
---
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11Processor.java
(original)
+++
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/Http11Processor.java
Sat Jun 13 20:31:13 2009
@@ -842,10 +842,6 @@
log.debug(sm.getString("http11processor.header.parse"), t);
}
// 400 - Bad Request
- if (log.isDebugEnabled()) {
- log.debug(sm.getString("http11processor.request.prepare")+
- " host header missing");
- }
response.setStatus(400);
error = true;
}
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java?rev=784465&r1=784464&r2=784465&view=diff
==============================================================================
---
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
(original)
+++
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalAprInputBuffer.java
Sat Jun 13 20:31:13 2009
@@ -825,7 +825,7 @@
if (parsingHeader) {
if (lastValid == buf.length) {
- throw new IOException
+ throw new IllegalArgumentException
(sm.getString("iib.requestheadertoolarge.error"));
}
Modified:
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
URL:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java?rev=784465&r1=784464&r2=784465&view=diff
==============================================================================
---
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
(original)
+++
tomcat/connectors/trunk/http11/src/java/org/apache/coyote/http11/InternalInputBuffer.java
Sat Jun 13 20:31:13 2009
@@ -765,7 +765,7 @@
if (parsingHeader) {
if (lastValid == buf.length) {
- throw new IOException
+ throw new IllegalArgumentException
(sm.getString("iib.requestheadertoolarge.error"));
}
Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=784465&r1=784464&r2=784465&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Sat Jun 13 20:31:13 2009
@@ -115,6 +115,10 @@
<bug>46408</bug>: Correct possible invalid case in SecurityUtil.
(markt)
</fix>
<fix>
+ <bug>46552</bug>: Return a 400 response rather than a 200 response if
+ the request headers are too large. (markt)
+ </fix>
+ <fix>
<bug>46597</bug>: Port all cookie handling changes from Tomcat 6.0.x.
(markt)
</fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
