You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "uwe.schaefer (JIRA)" <ji...@apache.org> on 2014/01/07 16:38:50 UTC
[jira] [Created] (WICKET-5463)
RequestUtil.getCharset(HttpServletRequest request) Resilience against
unsupported Charsets in Request
uwe.schaefer created WICKET-5463:
------------------------------------
Summary: RequestUtil.getCharset(HttpServletRequest request) Resilience against unsupported Charsets in Request
Key: WICKET-5463
URL: https://issues.apache.org/jira/browse/WICKET-5463
Project: Wicket
Issue Type: Improvement
Components: wicket
Affects Versions: 6.11.0
Environment: Tomcat 6.0.37
Reporter: uwe.schaefer
Priority: Minor
RequestUtil.getCharset(HttpServletRequest request) should not throw java.nio.charset.UnsupportedCharsetException but default to getDefaultCharset() or throw an Exception that leads
---- long version:
crawling our logs, we found the above exception as a result of a weird
request that set the following headers on a GET request:
Content-Type: text/html; charset=auto
I don't know which UserAgent sent that, but it happened and brought the
following exception on tomcat 6.0.37:
{code}
java.nio.charset.UnsupportedCharsetException: auto
at java.nio.charset.Charset.forName(Charset.java:543)
at
org.apache.wicket.protocol.http.RequestUtils.getCharset(RequestUtils.java:195)
at
org.apache.wicket.protocol.http.servlet.ServletWebRequest.getCharset(ServletWebRequest.java:476)
at
org.apache.wicket.protocol.http.servlet.ServletWebRequest.getContextRelativeUrl(ServletWebRequest.java:209)
at
org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:113)
at
org.apache.wicket.protocol.http.servlet.ServletWebRequest.<init>(ServletWebRequest.java:83)
at
org.apache.wicket.protocol.http.WebApplication.newWebRequest(WebApplication.java:448)
at
org.apache.wicket.protocol.http.WebApplication.createWebRequest(WebApplication.java:493)
at
org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:196)
at
org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:282)
{code}
even though we are not aware of the semantics of the above header, it
can happen.
to work around we extended a ServletWebRequest to add
{code}
public Charset getCharset() {
try {
return super.getCharset();
} catch (UnsupportedCharsetException ignore) {
return getDefaultCharset();
}
}
{code}
Now we are wondering, if RequestUtils:
{code}
public static Charset getCharset(HttpServletRequest request)
{
Charset charset = null;
if (request != null)
{
String charsetName = request.getCharacterEncoding();
if (charsetName != null)
{
charset = Charset.forName(charsetName);
}
}
if (charset == null)
{
charset = getDefaultCharset();
}
return charset;
}
{code}
should be more resilient to weird charsetNames coming from the container
(like 'auto' in our example) and return the default charset or a better
Exception that by default is mapped to HTTP StatusCode 406 ?
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)