You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/10/10 09:25:11 UTC

[Bug 63829] New: CompressionConfig does compare request header values for complete tokens case-insensitively

https://bz.apache.org/bugzilla/show_bug.cgi?id=63829

            Bug ID: 63829
           Summary: CompressionConfig does compare request header values
                    for complete tokens case-insensitively
           Product: Tomcat 9
           Version: 9.0.x
          Hardware: All
                OS: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: Connectors
          Assignee: dev@tomcat.apache.org
          Reporter: michaelo@apache.org
  Target Milestone: -----

Based on the discussion here:
https://www.mail-archive.com/dev@tomcat.apache.org/msg136990.html

This is similar to 63825 and 63824. 
The class does neither compare case-insensitively as required by the
appropriate RFC not does it compare complete tokens split at the comma.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 63829] CompressionConfig does compare request header values for complete tokens case-insensitively

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=63829

Michael Osipov <mi...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |michaelo@apache.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org

[Bug 63829] CompressionConfig does compare request header values for complete tokens case-insensitively

Posted by bu...@apache.org.

https://bz.apache.org/bugzilla/show_bug.cgi?id=63829

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Fixed in:
- master for 9.0.28 onwards
- 8.5.x for 8.5.48 onwards
- 7.0.x for 7.0.98 onwards

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org