Author: ron.sigal(a)jboss.com
Date: 2009-08-31 23:00:06 -0400 (Mon, 31 Aug 2009)
New Revision: 5413
Modified:
remoting2/branches/2.2/src/main/org/jboss/remoting/transport/coyote/CoyoteInvoker.java
Log:
JBREM-1101: Checks that application supplied content-type doesn't have LF or CR.
Modified:
remoting2/branches/2.2/src/main/org/jboss/remoting/transport/coyote/CoyoteInvoker.java
===================================================================
---
remoting2/branches/2.2/src/main/org/jboss/remoting/transport/coyote/CoyoteInvoker.java 2009-09-01
02:54:00 UTC (rev 5412)
+++
remoting2/branches/2.2/src/main/org/jboss/remoting/transport/coyote/CoyoteInvoker.java 2009-09-01
03:00:06 UTC (rev 5413)
@@ -436,10 +436,42 @@
case Version.VERSION_2_2:
{
String responseContentType = (String)
response.get("Content-Type");
- if(responseContentType == null)
+ if (responseContentType != null)
{
- responseContentType = responseObject == null ? req.getContentType() :
WebUtil.getContentType(responseObject);
+ if (isInvalidContentType(responseContentType))
+ {
+ log.warn("Ignoring invalid content-type from
ServerInvocationHandler: " + responseContentType);
+ if (responseObject == null)
+ {
+ responseContentType = req.getContentType();
+ if (isInvalidContentType(responseContentType))
+ {
+ log.warn("Ignoring invalid content-type from request: "
+ responseContentType);
+ responseContentType = WebUtil.getContentType(responseObject);
+ }
+ }
+ else
+ {
+ responseContentType = WebUtil.getContentType(responseObject);
+ }
+ }
}
+ else
+ {
+ if (responseObject == null)
+ {
+ responseContentType = req.getContentType();
+ if (isInvalidContentType(responseContentType))
+ {
+ log.warn("Ignoring invalid content-type from request: " +
responseContentType);
+ responseContentType = WebUtil.getContentType(responseObject);
+ }
+ }
+ else
+ {
+ responseContentType = WebUtil.getContentType(responseObject);
+ }
+ }
res.setContentType(responseContentType);
if (responseObject instanceof String)
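Review bot: The three `log.warn` calls in this hunk concatenate the rejected content-type into the message verbatim, so the CR/LF characters that made the value invalid are written to the log unescaped and can break one entry into several forged-looking lines. Neutralise the value before logging it, for example `log.warn("Ignoring invalid content-type from request: " + responseContentType.replaceAll("[\\r\\n]", "_"));`, and do the same for the ServerInvocationHandler message. The request-fallback sequence is also duplicated in both branches, and both copies call `WebUtil.getContentType(responseObject)` with a `responseObject` known to be null; what that returns is not visible here and is worth confirming. The enclosing `case` block starts and continues outside this hunk.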
@@ -1046,4 +1078,9 @@
return new String(chars);
}
+
+ static private boolean isInvalidContentType(String contentType)
+ {
+ return contentType.indexOf('\n') + contentType.indexOf('\r') >
-2;
+ }
}
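Review bot: `isInvalidContentType` dereferences its argument without a null check, and the first hunk passes it `req.getContentType()`, which is presumably null when the request carries no Content-Type header; that path would now throw a NullPointerException where the old code simply passed the value through. A guard such as `if (contentType == null) return false;` keeps the earlier behaviour. The sum-of-`indexOf` comparison is correct but hard to read; `return contentType.indexOf('\n') >= 0 || contentType.indexOf('\r') >= 0;` states the intent directly. A one-line comment that the check exists to keep CR/LF out of the response header (header splitting) would help the next reader.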