You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Lasse Lindqvist <la...@gmail.com> on 2023/07/12 12:28:40 UTC
Tomcat returning faulty "empty" header
Hi. Every once in a while in automatic tests I see an error
Caused by: org.apache.http.ProtocolException: Invalid header: :
at app//org.apache.http.impl.io.AbstractMessageParser.parseHeaders(AbstractMessageParser.java:230)
at app//org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:266)
at app//org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:163)
at app//org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:157)
at app//org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:273)
at app//org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
at app//org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:272)
at app//org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at app//org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at app//org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at app//org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
Meaning that the header contents would be just ": ", suggesting that
it has an empty key and empty value.
The service being called is a Spring Boot 2.7 application that has a
simple Controller with no custom header definitions.
It does return a response with
.contentType(MediaType.APPLICATION_OCTET_STREAM)
and body of StreamingResponseBody though.
I am wondering if this is something that might be on the Tomcat side,
or Spring side. But even if on Spring side, should Tomcat perhaps
prevent the creation of these empty headers, as at least
Apache HTTP client considers them invalid and will not choose to ignore them.
This reproduces relatively rarely, and by rerunning tests it normally
disappears, so I have not been able to catch the root issue.
Maybe it is related to
https://github.com/spring-projects/spring-security/issues/9175 and
fully a Spring issue even though my error is not exactly the same as
those in the Github issue?
RE: Tomcat returning faulty "empty" header
Posted by "Ganesan, Prabu" <pr...@capgemini.com.INVALID>.
HI Team
Could you please Provide steps for installion of tomcat 9.0 version. We are very new for it
Thanks & Regards,
_________________________________________________________
PrabuGanesan
Consultant|MS-Nordics
capgemini India Pvt. Ltd. | Bangalore
Contact: +91 8526554535
Email: prabhu.c.ganesan@capgemini.com
www.capgemini.com
People matter, results count.
__________________________________________________________
Connect with Capgemini:
Please consider the environment and do not print this email unless absolutely necessary.
Capgemini encourages environmental awareness.
-----Original Message-----
From: Lasse Lindqvist <la...@gmail.com>
Sent: 12 July 2023 17:59
To: users@tomcat.apache.org
Subject: Tomcat returning faulty "empty" header
******This mail has been sent from an external source. Do not reply to it, or open any links/attachments unless you are sure of the sender's identity.******
Hi. Every once in a while in automatic tests I see an error
Caused by: org.apache.http.ProtocolException: Invalid header: :
at app//org.apache.http.impl.io.AbstractMessageParser.parseHeaders(AbstractMessageParser.java:230)
at app//org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:266)
at app//org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:163)
at app//org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:157)
at app//org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:273)
at app//org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
at app//org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:272)
at app//org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at app//org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at app//org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at app//org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
Meaning that the header contents would be just ": ", suggesting that it has an empty key and empty value.
The service being called is a Spring Boot 2.7 application that has a simple Controller with no custom header definitions.
It does return a response with
.contentType(MediaType.APPLICATION_OCTET_STREAM)
and body of StreamingResponseBody though.
I am wondering if this is something that might be on the Tomcat side, or Spring side. But even if on Spring side, should Tomcat perhaps prevent the creation of these empty headers, as at least Apache HTTP client considers them invalid and will not choose to ignore them.
This reproduces relatively rarely, and by rerunning tests it normally disappears, so I have not been able to catch the root issue.
Maybe it is related to
https://github.com/spring-projects/spring-security/issues/9175 and fully a Spring issue even though my error is not exactly the same as those in the Github issue?
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
Re: Tomcat returning faulty "empty" header
Posted by Mark Thomas <ma...@apache.org>.
12 Jul 2023 14:28:40 Lasse Lindqvist <la...@gmail.com>:
> Hi. Every once in a while in automatic tests I see an error
>
> Caused by: org.apache.http.ProtocolException: Invalid header: :
> at
> app//org.apache.http.impl.io.AbstractMessageParser.parseHeaders(AbstractMessageParser.java:230)
> at
> app//org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:266)
> at
> app//org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:163)
> at
> app//org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:157)
> at
> app//org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:273)
> at
> app//org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:125)
> at
> app//org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:272)
> at
> app//org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
> at
> app//org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
> at
> app//org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
> at
> app//org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
>
> Meaning that the header contents would be just ": ", suggesting that
> it has an empty key and empty value.
>
> The service being called is a Spring Boot 2.7 application that has a
> simple Controller with no custom header definitions.
> It does return a response with
> .contentType(MediaType.APPLICATION_OCTET_STREAM)
>
> and body of StreamingResponseBody though.
>
> I am wondering if this is something that might be on the Tomcat side,
> or Spring side. But even if on Spring side, should Tomcat perhaps
> prevent the creation of these empty headers, as at least
> Apache HTTP client considers them invalid and will not choose to ignore
> them.
Tomcat lets applications do stupid things on the basis that sometimes
they need to to work around issues with broken clients.
Over time there has been a shift towards rejecting non spec compliant
input but it hasn't reached the general response headers yet.
If you can ID the root cause we may be able to provide more specific
feedback.
Mark
>
> This reproduces relatively rarely, and by rerunning tests it normally
> disappears, so I have not been able to catch the root issue.
>
> Maybe it is related to
> https://github.com/spring-projects/spring-security/issues/9175 and
> fully a Spring issue even though my error is not exactly the same as>
> those in the Github issue?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org