activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (AMQ-2817) STOMP headers need sanitization
Date Fri, 09 Jul 2010 12:57:53 GMT

     [ https://issues.apache.org/activemq/browse/AMQ-2817?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Dejan Bosanac resolved AMQ-2817.
--------------------------------

         Assignee: Dejan Bosanac
    Fix Version/s: 5.4.0
       Resolution: Fixed

Patch applied (svn revision 962512) with thanks!

> STOMP headers need sanitization
> -------------------------------
>
>                 Key: AMQ-2817
>                 URL: https://issues.apache.org/activemq/browse/AMQ-2817
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Transport
>    Affects Versions: 5.3.2
>            Reporter: James Casey
>            Assignee: Dejan Bosanac
>            Priority: Minor
>             Fix For: 5.4.0
>
>         Attachments: headers.patch
>
>
> Currently STOMP on a SEND extracts out the JMS headers and put the rest of the headers
into the message properties.  If a STOMP consumer starts to consume the messages, the JMS
fields are put into the header and the the properties are put in.  This can lead to a situation
where if the client has provided a header that it shouldn't have (e.g. message-id) it overwrites
the one provided by the broker.
> This can lead to problems with e.g. ACKs where the wrong message-id is sent back.
> This patch sanitizes all headers for a MESSAGE frame when they come into the broker so
they never get set in the properties.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message