cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elakito <...@git.apache.org>
Subject [GitHub] cxf pull request: Fix index out of bounds crash in HttpHeaderHelpe...
Date Tue, 27 Oct 2015 09:35:53 GMT
Github user elakito commented on the pull request:

    https://github.com/apache/cxf/pull/89#issuecomment-151432528
  
    @sberyozkin somewhere I remember reading the missing charset is supposed to be interpreted
as charset utf-8 in http. But the current mime RFC [1] as well as w3c's internationalization
document both mention the missing charset means iso-8859-1. So, I don't remember where I read
the defautl utf-8 convention. 
    
    But here I was talking about not the default but the invalid charset syntax. Something
went wrong or programmed wrong and a client is sending a content-type header with
    Content-Type: text/xml; charset=
    
    The above specs say the charset value must be a valid IANA charset value.  In this case,
we don't know why the client generated this invalid charset entry. Was it trying to set the
system default charset and didn't realize the value was null? Or something else went wrong?
Hence, simply ignoring this invalid charset parameter and defaulting to utf-8 will hide this
problem from our eyes and potentially lead to the incorrect decoding.
    
    [1] https://tools.ietf.org/html/rfc7230
    [2] http://www.w3.org/International/O-HTTP-charset#charset


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message