activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Casey (JIRA)" <>
Subject [jira] Updated: (AMQ-2817) STOMP headers need sanitization
Date Thu, 08 Jul 2010 15:34:52 GMT


James Casey updated AMQ-2817:

    Priority: Minor  (was: Major)

> STOMP headers need sanitization
> -------------------------------
>                 Key: AMQ-2817
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Transport
>    Affects Versions: 5.3.2
>            Reporter: James Casey
>            Priority: Minor
>         Attachments: headers.patch
> Currently STOMP on a SEND extracts out the JMS headers and put the rest of the headers
into the message properties.  If a STOMP consumer starts to consume the messages, the JMS
fields are put into the header and the the properties are put in.  This can lead to a situation
where if the client has provided a header that it shouldn't have (e.g. message-id) it overwrites
the one provided by the broker.
> This can lead to problems with e.g. ACKs where the wrong message-id is sent back.
> This patch sanitizes all headers for a MESSAGE frame when they come into the broker so
they never get set in the properties.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message