activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Casey (JIRA)" <j...@apache.org>
Subject [jira] Updated: (AMQ-2817) STOMP headers need sanitization
Date Thu, 08 Jul 2010 15:34:52 GMT

     [ https://issues.apache.org/activemq/browse/AMQ-2817?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

James Casey updated AMQ-2817:
-----------------------------

    Priority: Minor  (was: Major)

> STOMP headers need sanitization
> -------------------------------
>
>                 Key: AMQ-2817
>                 URL: https://issues.apache.org/activemq/browse/AMQ-2817
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Transport
>    Affects Versions: 5.3.2
>            Reporter: James Casey
>            Priority: Minor
>         Attachments: headers.patch
>
>
> Currently STOMP on a SEND extracts out the JMS headers and put the rest of the headers
into the message properties.  If a STOMP consumer starts to consume the messages, the JMS
fields are put into the header and the the properties are put in.  This can lead to a situation
where if the client has provided a header that it shouldn't have (e.g. message-id) it overwrites
the one provided by the broker.
> This can lead to problems with e.g. ACKs where the wrong message-id is sent back.
> This patch sanitizes all headers for a MESSAGE frame when they come into the broker so
they never get set in the properties.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message