cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Antonio Sargento (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CXF-5598) Header field name comparison not correct in CrossOriginResourceSharingFilter
Date Fri, 07 Mar 2014 14:06:43 GMT
Antonio Sargento created CXF-5598:
-------------------------------------

             Summary: Header field name comparison not correct in CrossOriginResourceSharingFilter
                 Key: CXF-5598
                 URL: https://issues.apache.org/jira/browse/CXF-5598
             Project: CXF
          Issue Type: Bug
          Components: JAX-RS, JAX-RS Security
    Affects Versions: 2.7.10
            Reporter: Antonio Sargento


The CrossOriginResourceSharingFilter is not handled correctly the header field name comparison
(ex: method effectiveAllowHeaders).
On RFC 2616, "Hypertext Transfer Protocol -- HTTP/1.1", 4.2, "Message Headers":
{panel}
Each header field consists of a name followed by a colon (":") and the field value. Field
names are case-insensitive.
{panel}.

Even http://www.w3.org/TR/cors points that on 3. "Terminology" (ASCII case-insensitive match).




--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message