Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-485

Undertow uses incorrect base64 encoding for HTTP2-Settings

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 1.2.10.Final, 1.3.0.Beta5
    • 1.3.0.Beta3
    • Core
    • None

    Description

      According to specification [1] HTTP2-Settings should be encoded using base64url encoding, which uses as last two characters - and _ [2]. Undertow instead uses mime implementation of Base64 encoding which uses + and / and thus results in undertow failing to parse the HTTP2-Settings and thus connection not being established [3] when HTTP2-Settings Header contains one of those two characters.

      [1] http://tools.ietf.org/html/rfc7540#page-9
      [2] https://tools.ietf.org/html/rfc4648#section-5
      [3]

      12:45:10,868 ERROR [io.undertow.request] (default I/O-1) Undertow request failed HttpServerExchange{ GET /}: java.io.IOException: Invalid base64 character encountered: 95
	at io.undertow.util.FlexBase64$Decoder.nextByte(FlexBase64.java:881)
	at io.undertow.util.FlexBase64$Decoder.nextByte(FlexBase64.java:848)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1122)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1179)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1245)
	at io.undertow.util.FlexBase64$Decoder.access$500(FlexBase64.java:819)
	at io.undertow.util.FlexBase64.decode(FlexBase64.java:193)
	at io.undertow.server.protocol.http2.Http2UpgradeHandler.handleRequest(Http2UpgradeHandler.java:56)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
	at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:227)
	at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:128)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:143)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:90)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:49)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.nio.NioTcpServerHandle.handleReady(NioTcpServerHandle.java:53)
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:539)

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-430 Undertow uses incorrect base64 encoding for HTTP2-Settings

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              sdouglas1@redhat.com Stuart Douglas
              rhatlapa@redhat.com Radim Hatlapatka (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: