Mailing-List: contact httpclient-dev-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "HttpClient Project" <httpclient-dev@jakarta.apache.org>
Message-ID: <22875768.1149251490150.JavaMail.jira@brutus>
Date: Fri, 2 Jun 2006 12:31:30 +0000 (GMT+00:00)
From: "Oleg Kalnichevski (JIRA)" <jira@apache.org>
To: httpclient-dev@jakarta.apache.org
Subject: [jira] Resolved: (HTTPCLIENT-581) Memory overflow protection for
 getResponseBody()
In-Reply-To: <11993191.1149240270786.JavaMail.jira@brutus>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit

     [ http://issues.apache.org/jira/browse/HTTPCLIENT-581?page=all ]
     
Oleg Kalnichevski resolved HTTPCLIENT-581:
------------------------------------------

    Resolution: Won't Fix

Won't fix for the following reason: 

The use of HttpMethod#getResponseBody is strongly discouraged as of release 2.0.2. This method will be completely removed in the release 4.0. It's broken, wrong and should have never been there in the first place. Content processing is an application level aspect, not a transport level one. Memory overflow risks in this particular instance must be addressed at the appropriate level.

Oleg

> Memory overflow protection for getResponseBody()
> ------------------------------------------------
>
>          Key: HTTPCLIENT-581
>          URL: http://issues.apache.org/jira/browse/HTTPCLIENT-581
>      Project: Jakarta HttpClient
>         Type: Improvement

>   Components: HttpClient
>     Versions: 2.0.2, 3.0 Final, 3.0.1
>     Reporter: Wouter Zelle
>     Priority: Minor

>
> Currently we are using getResponseBodyAsString() in our production code, which calls getResponseBody() . This method logs a warning since version 2.0.2 ("Going to buffer response body of large or unknown size. Using getResponseBodyAsStream instead is recommended."). I want to get rid of those warnings. The suggestion is to use getResponseAsStream for two reasons:
> 1. Performance
> 2. Memory overflow risks
> The first is a valid reason to change, but should not be mandated by a library IMO. It's my call as an application developer to balance the risks against the rewards of refactoring the code. The second reason is more important, but it can be handled by the getResponseBody method itself. My suggestion is to add a new Http Method Param: "http.method.response.maximum.size". Setting this parameter to a value in bytes should then:
> 1. Result in an exception if the received message is larger than the supplied size.
> 2. No longer warn the user to use getResponseBodyAsStream (by setting the max size, I've also accepted the performance penalty of getResponseBodyAsString()).
> Another alternative to get rid of the warning is to create a custom implementation of getResponseBodyAsString(), which was suggested to someone else by a HttpClient developer:
> http://mail-archives.apache.org/mod_mbox/jakarta-httpclient-user/200411.mbox/%3c1101592381.3308.26.camel@localhost.localdomain%3e
> I consider this unacceptable because:
> 1. I don't want to maintain this code.
> 2. The suggested code in no way resolves the memory overflow issue, so I consider it a hack to get rid of the warning.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-dev-help@jakarta.apache.org