Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-1237

MultipartParser doesn't properly handle multi-line headers

    Details

      Description

      According to section 2.2.3 of RFC2822, headers may be folded at a whitespace character with a CRLF. Currently, MultipartParser considers the CRLF the end of the header value in all cases rather than checking for a whitespace character that signals the continuation of the value. This results in a MalformedMessageException to be thrown from the headerName method when the currentString (which now contains the remainder of the value) is checked to ensure it is null.

      This behavior may be reproduced by simply creating a multi-line header for a request, for example:

      {{Content-Disposition: form-data;
      name="data";
      filename="foo"}}

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  swd847 Stuart Douglas
                  Reporter:
                  jt_cuda Jonathan Tanner
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: