commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kedar Panse" <ke...@bancbridge.com>
Subject RE: [HTTPClient] Header parser
Date Wed, 14 Feb 2007 00:13:46 GMT
Sorry to pop the same thing again.  It looks like in HttpParser.java
This method:
parseHeaders(InputStream is, String charset)

checks for LWS chars  like this

  if ((line.charAt(0) == ' ') || (line.charAt(0) == '\t')) {
		blah blah.
	}
  else{
		Blah blah...
		int colon = line.indexOf(":");
                if (colon < 0) {
                    throw new ProtocolException("Unable to parse header: " +
line);
                }
		Blah blah....
	}


So if the header is something like "Set-Cookie: user-cookie=xxxx; path=/;
domain=.xxx.com; secure HTTP/1.0 200" gets spitted in to 2 lines. Which is
kinda correct. But as you can see the next line now is HTTP/1.0 200.  Here
there is no colon. Here httpclient thinks it's a bad header and throws the
error. 

However this should be handled I think, if it's a correct according to
folded headers in 2616.  I ran across server that does return something like
this, and IE/FireFox does process it ok (off course server is IIS so.. not
confident about std)


You guys have any thought on this?


Cheers!

Kedar


-----Original Message-----
From: Kedar Panse [mailto:kedar@bancbridge.com] 
Sent: Monday, February 05, 2007 3:34 AM
To: 'Jakarta Commons Users List'
Subject: RE: [HTTPClient] Header parser

Interesting. Let me try the same.. I must be making some mistake. I did had
RC4. Thanks!



Kedar

-----Original Message-----
From: Bindul Bhowmik [mailto:bindulbhowmik@gmail.com] 
Sent: Sunday, February 04, 2007 1:35 AM
To: Jakarta Commons Users List
Subject: Re: [HTTPClient] Header parser

Kedar,

On 2/3/07, Kedar Panse <kedar@bancbridge.com> wrote:
> Actually there is not a new line, it's the same line where the set cookie
> header is.
> So the line contains:
>
> "Set-Cookie: user-cookie=xxxx; path=/; domain=.xxx.com; secure HTTP/1.0
200"
>
> Which I think makes this invalid. But I read somewhere that server can
> choose to change the protocol from HTTP/1.1 to HTTP/1.0 in such cases it
can
> send two of these headers? I am not quite sure if this is covered under
> folded headers thing.
>

I am a bit confused now. I am not sure which version of HTTPClient you
are using, but I tried recreating this scenario using a simple
servlet, and HTTPClient code from TRUNK.

If there is just a space between 'secure' and 'HTTP' the client does
not fail. Below are excerpts from my wire log.

13:01:22,578 [main] DEBUG [httpclient.wire.header]  - << "HTTP/1.1 200
OK[\r][\n]"
13:01:22,593 [main] DEBUG [httpclient.wire.header]  - << "Server:
Apache-Coyote/1.1[\r][\n]"
13:01:22,593 [main] DEBUG [httpclient.wire.header]  - << "Set-Cookie:
user-cookie="xxxx  HTTP/1.0 200"[\r][\n]"
13:01:22,593 [main] DEBUG [httpclient.wire.header]  - << "Set-Cookie:
user-cookie1=xxxy; path=/; domain=localhost; secure HTTP/1.0
200[\r][\n]"
13:01:22,593 [main] DEBUG [httpclient.wire.header]  - <<
"Content-Length: 0[\r][\n]"
13:01:22,593 [main] DEBUG [httpclient.wire.header]  - << "Date: Sat,
03 Feb 2007 20:01:22 GMT[\r][\n]"
13:01:22,625 [main] DEBUG [commons.httpclient.HttpMethodBase]  -
Cookie accepted: "$Version=0; user-cookie=xxxx  HTTP/1.0 200"
13:01:22,625 [main] DEBUG [commons.httpclient.HttpMethodBase]  -
Cookie accepted: "$Version=0; user-cookie1=xxxy; $Path=/;
$Domain=localhost"

>
> Thanks!
>
>
> Kedar
>
> -----Original Message-----
> From: Bindul Bhowmik [mailto:bindulbhowmik@gmail.com]
> Sent: Saturday, February 03, 2007 3:18 PM
> To: Jakarta Commons Users List
> Subject: Re: [HTTPClient] Header parser
>
> Kedar,
>
> On 2/3/07, Kedar Panse <kedar@bancbridge.com> wrote:
> > Hello guys!
> >
> >
> >
> > I have been using HTTPClient for quite a while, thanks to you guys work!
> > Recently I came across a site, which I believe is returning bad headers.
> > HTTPClient seems to choke on
> >
> >
> >
> > Set-Cookie: user-cookie=xxxx; path=/; domain=.xxx.com; secure HTTP/1.0
200
>
> The HTTP/1.0 200 is the status line of the HTTP response and is
> supposed to be the first line in the response [1]. HttpClient is
> trying to parse that field as a name value HTTP Header.
>
> Also, not evident in the email, I think there is a new line character
> between secure and HTTP in that line.
>
> >
> > content-type: text/html
> >
> >
> >
> > Exception I get is:
> >
> >
> >
> > WARNING: org.apache.commons.httpclient.ProtocolException: Unable to
parse
> > header: HTTP/1.0 200
> >
> >
> >
> >
> >
> > Is this a valid header for cookie?  Firefox/IE seem to get past it easy.
> Is
> > there any way to get around this?
>
> The way to get around this is to modify the HttpClient source. More
> specifically you need to modify the
> org.apache.commons.httpclient.HttpParser#readLine(InputStream, String)
> method and can make it lenient and ask it to ignore any lines that
> dont follow the standard 'header-name: header-value' pattern. You can
> modify the source and rebuild your own jar.
>
> I don't know your entire response, but if HttpClient has reached the
> state where it is parsing the headers, I assume the server has already
> sent a status line as the first line of response.
>
> >
> >
> >
> >
> >
> > Regards,
> >
> >
> >
> > Kedar
> >
> >
>
> Hope this helps,
>
> Regards,
> Bindul
>
> --
> Bindul Bhowmik
> MindTree Consulting Ltd.
>

Regards,
Bindul
-- 
Bindul Bhowmik
MindTree Consulting Ltd.

---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message