Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-485

Undertow uses incorrect base64 encoding for HTTP2-Settings

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.2.10.Final, 1.3.0.Beta5
    • 1.3.0.Beta3
    • Core
    • None

      According to specification [1] HTTP2-Settings should be encoded using base64url encoding, which uses as last two characters - and _ [2]. Undertow instead uses mime implementation of Base64 encoding which uses + and / and thus results in undertow failing to parse the HTTP2-Settings and thus connection not being established [3] when HTTP2-Settings Header contains one of those two characters.

      [1] http://tools.ietf.org/html/rfc7540#page-9
      [2] https://tools.ietf.org/html/rfc4648#section-5
      [3]

      12:45:10,868 ERROR [io.undertow.request] (default I/O-1) Undertow request failed HttpServerExchange{ GET /}: java.io.IOException: Invalid base64 character encountered: 95
	at io.undertow.util.FlexBase64$Decoder.nextByte(FlexBase64.java:881)
	at io.undertow.util.FlexBase64$Decoder.nextByte(FlexBase64.java:848)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1122)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1179)
	at io.undertow.util.FlexBase64$Decoder.decode(FlexBase64.java:1245)
	at io.undertow.util.FlexBase64$Decoder.access$500(FlexBase64.java:819)
	at io.undertow.util.FlexBase64.decode(FlexBase64.java:193)
	at io.undertow.server.protocol.http2.Http2UpgradeHandler.handleRequest(Http2UpgradeHandler.java:56)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:199)
	at io.undertow.server.protocol.http.HttpReadListener.handleEventWithNoRunningRequest(HttpReadListener.java:227)
	at io.undertow.server.protocol.http.HttpReadListener.handleEvent(HttpReadListener.java:128)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:143)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:90)
	at io.undertow.server.protocol.http.HttpOpenListener.handleEvent(HttpOpenListener.java:49)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:291)
	at org.xnio.ChannelListeners$10.handleEvent(ChannelListeners.java:286)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.nio.NioTcpServerHandle.handleReady(NioTcpServerHandle.java:53)
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:539)

              sdouglas1@redhat.com Stuart Douglas (Inactive)
              rhatlapa@redhat.com Radim Hatlapatka (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: