ICEfaces
  1. ICEfaces
  2. ICE-8548

Ensure header text does not corrupt the HTTP response

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: EE-1.8.2.GA_P03
          • Fix Version/s: EE-1.8.2.GA_P05
          • Component/s: Framework
          • Labels:
            None
          • Environment:
            ICEfaces
          • Assignee Priority:
            P2

            Description


            HTTP headers are set in the following lines of code

            ServletExternalContext.java:295
            ServletRequestResponse.java:245
            ServletRequestResponse.java:249

            This header text must be escaped or trimmed to ensure that the resulting header does not corrupt the HTTP response.

              Activity

              Repository Revision Date User Message
              ICEsoft Public SVN Repository #31815 Mon Oct 29 11:54:00 MDT 2012 jack.van.ooststroom Fixed JIRA ICE-8548 : Ensure header text does not corrupt the HTTP response
              Files Changed
              Commit graph ADD /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/HttpMessageHeaderValueValidator.java
              Repository Revision Date User Message
              ICEsoft Public SVN Repository #31785 Fri Oct 26 08:46:13 MDT 2012 jack.van.ooststroom Fixed JIRA ICE-8548 : Ensure header text does not corrupt the HTTP response
              Files Changed
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletRequestResponse.java
              Commit graph MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletExternalContext.java

                People

                • Assignee:
                  Jack Van Ooststroom
                  Reporter:
                  Ted Goddard
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: