Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Done
Priority: Optional
Fix Version/s: 7.4.17.CR1, 7.4.17.GA
Affects Version/s: None
Component/s: Undertow
Labels:
- regression-test-only

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/undertow-io/undertow/pull/1583
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

At that method, there is a block that iterates through the path

// verify content of request pseudo-headers. Each header should only have a single value.
if (headers.contains(PATH)) {
    for (byte b: headers.get(PATH).getFirst().getBytes(ISO_8859_1)) {
        if (!allowUnescapedCharactersInUrl && !HttpRequestParser.isTargetCharacterAllowed((char)b)){
            return false;
        }
    }
}

Iterating is unnecessary when allowUnescapedCharactersInUrl is true.

clones

UNDERTOW-2374 At Http2ReceiveListener.checkRequestHeaders do not check path chars when unescaped characters are allowed

Closed

is cloned by

JBEAP-26974 (8.0.z) UNDERTOW-2374 - At Http2ReceiveListener.checkRequestHeaders do not check path chars when unescaped characters are allowed

Closed

is incorporated by

JBEAP-26815 (7.4.z) Upgrade undertow from 2.2.30.SP1-redhat-00001 to 2.2.32.SP1-redhat-00001

Closed

Assignee:: Lin Gao

Reporter:: Lin Gao

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/04/19 11:43 AM

Updated:: 2024/08/19 2:08 PM

Resolved:: 2024/04/19 11:44 AM