Opened 15 years ago

Closed 15 years ago

Last modified 12 years ago

#10681 closed (fixed)

Etag parser crashes on invalid input

Reported by: Ivan Sagalaev Owned by: Malcolm Tredinnick
Component: HTTP handling Version:
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Etag parser crashes on input with a trailing backslash trying to unquote the string. Apparently Opera 9.64 does send such etag in If-None-Match in some circumstances.

While strictly following HTTP requires to answer with "400 Bad Request" I believe it's too extreme for the real world. We can simply ignore the header in this case.

Patch follows shortly...

Attachments (1)

10681.diff (1.4 KB ) - added by Ivan Sagalaev 15 years ago.
Patch

Download all attachments as: .zip

Change History (7)

by Ivan Sagalaev, 15 years ago

Attachment: 10681.diff added

Patch

comment:1 by Ivan Sagalaev, 15 years ago

Has patch: set

comment:2 by Jacob, 15 years ago

milestone: 1.1
Triage Stage: UnreviewedAccepted

I'm not sure the patch as given is the right approach: rfc2616 allows any 8-bit character to be in the contents of an etag, and we should do our best to support that. But crashing is right out.

comment:3 by Ivan Sagalaev, 15 years ago

It's not about not accepting back-slash. It's about invalid escaping. If etag is exactly single back-slash character then it's perfectly possible to send like this:

If-None-Match: "\\"

What Opera sends here is just invalid.

comment:4 by Malcolm Tredinnick, 15 years ago

This bug should also be reported to Opera, Ivan.

We really should be sending back a 400 response here, however, since it appears nobody else does, we'll have to play along. The patch looks right, but it means we now have to put Opera in the "not really a web browser" basket to keep al the versions of IE company.

comment:5 by Malcolm Tredinnick, 15 years ago

Resolution: fixed
Status: newclosed

(In [10370]) Fixed #10681 -- Work around (by ignoring) invalid ETag headers.

This is a hack to work around problems in the Real World. Apparently, Opera
9.64 has been observed sending malformed headers. We now compromise our high
principles and simply ignore such bad behaviour.

Patch from Ivan Sagalaev.

comment:6 by Jacob, 12 years ago

milestone: 1.1

Milestone 1.1 deleted

Note: See TracTickets for help on using tickets.
Back to Top