Opened 9 years ago

Closed 9 years ago

Last modified 7 years ago

#10681 closed (fixed)

Etag parser crashes on invalid input

Reported by: Ivan Sagalaev Owned by: Malcolm Tredinnick
Component: HTTP handling Version:
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


Etag parser crashes on input with a trailing backslash trying to unquote the string. Apparently Opera 9.64 does send such etag in If-None-Match in some circumstances.

While strictly following HTTP requires to answer with "400 Bad Request" I believe it's too extreme for the real world. We can simply ignore the header in this case.

Patch follows shortly...

Attachments (1)

10681.diff (1.4 KB) - added by Ivan Sagalaev 9 years ago.

Download all attachments as: .zip

Change History (7)

Changed 9 years ago by Ivan Sagalaev

Attachment: 10681.diff added


comment:1 Changed 9 years ago by Ivan Sagalaev

Has patch: set

comment:2 Changed 9 years ago by Jacob

milestone: 1.1
Triage Stage: UnreviewedAccepted

I'm not sure the patch as given is the right approach: rfc2616 allows any 8-bit character to be in the contents of an etag, and we should do our best to support that. But crashing is right out.

comment:3 Changed 9 years ago by Ivan Sagalaev

It's not about not accepting back-slash. It's about invalid escaping. If etag is exactly single back-slash character then it's perfectly possible to send like this:

If-None-Match: "\\"

What Opera sends here is just invalid.

comment:4 Changed 9 years ago by Malcolm Tredinnick

This bug should also be reported to Opera, Ivan.

We really should be sending back a 400 response here, however, since it appears nobody else does, we'll have to play along. The patch looks right, but it means we now have to put Opera in the "not really a web browser" basket to keep al the versions of IE company.

comment:5 Changed 9 years ago by Malcolm Tredinnick

Resolution: fixed
Status: newclosed

(In [10370]) Fixed #10681 -- Work around (by ignoring) invalid ETag headers.

This is a hack to work around problems in the Real World. Apparently, Opera
9.64 has been observed sending malformed headers. We now compromise our high
principles and simply ignore such bad behaviour.

Patch from Ivan Sagalaev.

comment:6 Changed 7 years ago by Jacob

milestone: 1.1

Milestone 1.1 deleted

Note: See TracTickets for help on using tickets.
Back to Top