You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2023/05/03 06:26:40 UTC
[Bug 66591] New: HttpResponse without any header generates corrupted AJP messages
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
Bug ID: 66591
Summary: HttpResponse without any header generates corrupted
AJP messages
Product: Tomcat 9
Version: 9.0.74
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: conny.martin@t-systems.com
Target Milestone: -----
Fix for bug 66512 caused an issue in one of our applications, which does not
set any response header at all. At a first glance no RFC defines that one MUST
set some http header. But we definitely "should".
So this "Bug" is only to bring this to your attention. At least there should be
an appropriate error message instead of generating corrupted AJP messages.
KR Conny
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
--- Comment #4 from Conny Seifert <co...@t-systems.com> ---
Created attachment 38551
--> https://bz.apache.org/bugzilla/attachment.cgi?id=38551&action=edit
minimal testcase
attached app returns string "test" without any headers.
In case of failure output looks like this
00000000: 0065 7374 .est
At least when using apache http with mod_proxy_ajp
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from Mark Thomas <ma...@apache.org> ---
Fixed in:
- 11.0.x for 11.0.0-M6 onwards
- 10.1.x for 10.1.9 onwards
- 9.0.x for 9.0.75 onwards
- 8.5.x for 8.5.89 onwards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #2 from Mark Thomas <ma...@apache.org> ---
I've tried to recreate this locally but am unable to. Specifically, I have not
been able to write a Servlet that causes Tomcat to send an AJP response with no
headers.
Please provide the simplest test case that recreates this issue from a clean
install of the latest release of any supported version of Tomcat (8.5.x, 9.0.x,
10.1.x or 11.0.x as I write this).
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: [Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by koteswara Rao Gundapaneni <ko...@gmail.com>.
Dear team,
Server might sends message headers for the request done by client
Here the response might be empty atheist I considered it a servlet
Regards
Koti
On Wed, 3 May 2023, 14:43 , <bu...@apache.org> wrote:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
>
> --- Comment #1 from Mark Thomas <ma...@apache.org> ---
> Thanks for the report.
>
> My reading of RFC 9110 (section 3.4) is that responses do not require
> headers.
> I am a little curious how the fix for bug 66512 triggered this but it does
> look
> like a bug.
>
> I'm working on this now.
>
> --
> You are receiving this mail because:
> You are the assignee for the bug.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Thanks for the report.
My reading of RFC 9110 (section 3.4) is that responses do not require headers.
I am a little curious how the fix for bug 66512 triggered this but it does look
like a bug.
I'm working on this now.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
--- Comment #3 from Conny Seifert <co...@t-systems.com> ---
If I understood the code correctly, the "header-loop" beginning in line 950 is
not entered at all in case of 0 headers. So no https status code is appended to
AJP response and also the number of headers is missing then.
https://github.com/apache/tomcat/blob/9.0.x/java/org/apache/coyote/ajp/AjpProcessor.java
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 66591] HttpResponse without any header generates corrupted AJP messages
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66591
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
--- Comment #5 from Mark Thomas <ma...@apache.org> ---
Thanks - I can recreate it now. I have a test case and the fix looks simple.
Just need to run a few more tests.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org