You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Michel Decima (JIRA)" <ji...@apache.org> on 2010/02/12 16:56:27 UTC
[jira] Updated: (CXF-2669) MTOM producer - different content-id in
XOP:Include and MIME part for the same attachment
[ https://issues.apache.org/jira/browse/CXF-2669?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michel Decima updated CXF-2669:
-------------------------------
Description:
Some third-party server can't receive MTOM attachment sent by CXF clients
because "cid" URL and Content-ID are different.
- In the SOAP part of the request the attachments are included as:
<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include"
href="cid:5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F"/>
(please notice escaped cxf.apache.org URI in the cid)
- instead, the actual Content-Id in the multipart POST part is unescaped:
Content-ID: <5726d366-df25-4945-9f3b-3003a2ae8a70-4@http://cxf.apache.org/>
>From RFC2111 (http://www.ietf.org/rfc/rfc2111.txt) :
A "cid" URL is converted to the corresponding Content-ID message
header [MIME] by removing the "cid:" prefix, converting %hh hex-
escaped characters to their ASCII equivalents and enclosing the
remaining parts with an angle bracket pair, "<" and ">". For
example, "mid:foo4%25foo1@..." corresponds to
Message-ID: <fo...@...>
According to this RFC, the "cid" URL and Content-ID are perfectly legal.
However, the behaviour of the function createContentID() from class
org.apache.cxf.attachment.AttachmentUtil is not very consistent:
The full content-id is the result of concatenation of a random part (name) and a
suffix part (cid) after encoding with URLencoder.
If the argument _ns_ is null or empty, the suffix defaults to
"http://cxf.apache.org" (full absolute URL, not the host part of it), and
then the result of the function will contain hex-escaped characters, like
this:
5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F
If the argument _ns_ is not null and not empty, then _ns_ is used to build an
URL, and the host part of this URL will be used as suffix value. Thus, if we
call this function with a specific namespace, for example "http://cxf.apache.org",
the result will be :
5726d366-df25-4945-9f3b-3003a2ae8a70-3@cxf.apache.org
and this string value does not contains hex-escaped characters.
To be more consistent, the function should use only the host part "cxf.apache.org"
if namespace is null/empty. In other words, calling createContentId() explicitely
with empty namespace and "http://cxf.apache.org/" should give the same value for
the suffix part (after character @).
Since this modification affects only the default suffix value, the algorithm
stays the same, and hex-escaped characters are processed as expected. But, as
a side effect, the generated contentID will be compatible with current third-party
server.
was:
Some third-party server can't receive MTOM attachment sent by CXF clients
because "cid" URL and Content-ID are different.
- In the SOAP part of the request the attachments are included as:
<xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include"
href="cid:5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F"/>
(please notice escaped cxf.apache.org URI in the cid)
- instead, the actual Content-Id in the multipart POST part is unescaped:
Content-ID: <5726d366-df25-4945-9f3b-3003a2ae8a70-4@http://cxf.apache.org/>
>From RFC2111 (http://www.ietf.org/rfc/rfc2111.txt) :
A "cid" URL is converted to the corresponding Content-ID message
header [MIME] by removing the "cid:" prefix, converting %hh hex-
escaped characters to their ASCII equivalents and enclosing the
remaining parts with an angle bracket pair, "<" and ">". For
example, "mid:foo4%25foo1@..." corresponds to
Message-ID: <fo...@...>
According to this RFC, the "cid" URL and Content-ID are perfectly legal.
However, the behaviour of the function createContentID() from class
org.apache.cxf.attachment.AttachmentUtil is not very consistent:
63 public static String createContentID(String ns) throws UnsupportedEncodingException {
64 // tend to change
65 String cid = "http://cxf.apache.org/";
66
67 String name = ATT_UUID + "-" + String.valueOf(++counter);
68 if (ns != null && (ns.length() > 0)) {
69 try {
70 URI uri = new URI(ns);
71 String host = uri.toURL().getHost();
72 cid = host;
73 } catch (URISyntaxException e) {
74 cid = ns;
75 } catch (MalformedURLException e) {
76 cid = ns;
77 }
78 }
79 return URLEncoder.encode(name, "UTF-8") + "@" + URLEncoder.encode(cid, "UTF-8");
80 }
The full content-id is the result of concatenation of a random part (name) and a
suffix part (cid) after encoding with URLencoder.
If the argument _ns_ is null or empty, the suffix defaults to
"http://cxf.apache.org" (full absolute URL, not the host part of it), and
then the result of the function will contain hex-escaped characters, like
this:
5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F
If the argument _ns_ is not null and not empty, then _ns_ is used to build an
URL, and the host part of this URL will be used as suffix value. Thus, if we
call this function with a specific namespace, for example "http://cxf.apache.org",
the result will be :
5726d366-df25-4945-9f3b-3003a2ae8a70-3@cxf.apache.org
and this string value does not contains hex-escaped characters.
To be more consistent, the function should use only the host part "cxf.apache.org"
if namespace is null/empty. In other words, calling createContentId() explicitely
with empty namespace and "http://cxf.apache.org/" should give the same value for
the suffix part (after character @).
Since this modification affects only the default suffix value, the algorithm
stays the same, and hex-escaped characters are processed as expected. But, as
a side effect, the generated contentID will be compatible with current third-party
server.
> MTOM producer - different content-id in XOP:Include and MIME part for the same attachment
> -----------------------------------------------------------------------------------------
>
> Key: CXF-2669
> URL: https://issues.apache.org/jira/browse/CXF-2669
> Project: CXF
> Issue Type: Improvement
> Components: Core
> Affects Versions: 2.2.6
> Reporter: Michel Decima
>
> Some third-party server can't receive MTOM attachment sent by CXF clients
> because "cid" URL and Content-ID are different.
> - In the SOAP part of the request the attachments are included as:
> <xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include"
> href="cid:5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F"/>
> (please notice escaped cxf.apache.org URI in the cid)
> - instead, the actual Content-Id in the multipart POST part is unescaped:
> Content-ID: <5726d366-df25-4945-9f3b-3003a2ae8a70-4@http://cxf.apache.org/>
> From RFC2111 (http://www.ietf.org/rfc/rfc2111.txt) :
> A "cid" URL is converted to the corresponding Content-ID message
> header [MIME] by removing the "cid:" prefix, converting %hh hex-
> escaped characters to their ASCII equivalents and enclosing the
> remaining parts with an angle bracket pair, "<" and ">". For
> example, "mid:foo4%25foo1@..." corresponds to
> Message-ID: <fo...@...>
> According to this RFC, the "cid" URL and Content-ID are perfectly legal.
> However, the behaviour of the function createContentID() from class
> org.apache.cxf.attachment.AttachmentUtil is not very consistent:
> The full content-id is the result of concatenation of a random part (name) and a
> suffix part (cid) after encoding with URLencoder.
> If the argument _ns_ is null or empty, the suffix defaults to
> "http://cxf.apache.org" (full absolute URL, not the host part of it), and
> then the result of the function will contain hex-escaped characters, like
> this:
> 5726d366-df25-4945-9f3b-3003a2ae8a70-3@http%3A%2F%2Fcxf.apache.org%2F
> If the argument _ns_ is not null and not empty, then _ns_ is used to build an
> URL, and the host part of this URL will be used as suffix value. Thus, if we
> call this function with a specific namespace, for example "http://cxf.apache.org",
> the result will be :
> 5726d366-df25-4945-9f3b-3003a2ae8a70-3@cxf.apache.org
> and this string value does not contains hex-escaped characters.
> To be more consistent, the function should use only the host part "cxf.apache.org"
> if namespace is null/empty. In other words, calling createContentId() explicitely
> with empty namespace and "http://cxf.apache.org/" should give the same value for
> the suffix part (after character @).
> Since this modification affects only the default suffix value, the algorithm
> stays the same, and hex-escaped characters are processed as expected. But, as
> a side effect, the generated contentID will be compatible with current third-party
> server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.