[jboss-jira] [JBoss JIRA] (WFWIP-269) Headers should not be added if header name contains a colon
Darran Lofthouse (Jira)
issues at jboss.org
Tue Nov 19 08:06:00 EST 2019
[ https://issues.jboss.org/browse/WFWIP-269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13814834#comment-13814834 ]
Darran Lofthouse commented on WFWIP-269:
----------------------------------------
For header names we have a description of allowed values here: -
https://tools.ietf.org/html/rfc2616#page-15
https://tools.ietf.org/html/rfc2616#page-31
I am going to go ahead and add validation that the names specified correspond to the definition.
> Headers should not be added if header name contains a colon
> -----------------------------------------------------------
>
> Key: WFWIP-269
> URL: https://issues.jboss.org/browse/WFWIP-269
> Project: WildFly WIP
> Issue Type: Bug
> Components: Security
> Reporter: Tomas Terem
> Assignee: Darran Lofthouse
> Priority: Blocker
> Labels: management
>
> Execute:
> {code:java}
> /core-service=management/management-interface=http-interface:write-attribute(name=constant-headers, value=[{path=/management, headers=[{name=A:B, value=C}]}])
> {code}
> Response now has header 'A' with value 'B: C', but user wanted header 'A:B' with value 'C'. Colon can't be part of the header name, so users should be warned about it and no headers should be added.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list