[jira] [Commented] (COUCHDB-2673) "Location" header in HTTP response should properly encode the document _id

Tue, 28 Apr 2015 06:00:26 -0700 

    [ 
https://issues.apache.org/jira/browse/COUCHDB-2673?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14516986#comment-14516986
 ] 

ASF subversion and git services commented on COUCHDB-2673:
----------------------------------------------------------

Commit 428b5ad7b4295964b09196c224a39c094632a731 in couchdb's branch 
refs/heads/1.x.x from [~s...@rfc1149.net]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb.git;h=428b5ad ]

Properly escape Location: HTTP header

Non-ASCII characters in the "Location:" header must be URL-encoded. This
can happen if a document is inserted with a user-defined "_id"
containing non-ASCII characters or if a filename contains non-ASCII
characters.

Fixes COUCHDB-2673


> "Location" header in HTTP response should properly encode the document _id
> --------------------------------------------------------------------------
>
>                 Key: COUCHDB-2673
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2673
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: HTTP Interface
>    Affects Versions: 1.6.1
>            Reporter: Samuel Tardieu
>
> When inserting a document in a CouchDB 1.6.1 database, the response sent by 
> CouchDB contains a "Location" HTTP header with the URI of the newly created 
> document.
> However, if the "_id" of the new document contains non-ASCII characters, this 
> "Location" header is not properly encoded.
> Example:
> {code}
>  % curl -v -H "Content-Type: application/json" -X POST 
> http://localhost:5984/test/ --data '{"_id": "xxxé"}'
> *   Trying ::1...
> * Connected to localhost (::1) port 5984 (#0)
> > POST /test/ HTTP/1.1
> > Host: localhost:5984
> > User-Agent: curl/7.42.0
> > Accept: */*
> > Content-Type: application/json
> > Content-Length: 16
> > 
> * upload completely sent off: 16 out of 16 bytes
> < HTTP/1.1 201 Created
> < Server: CouchDB/1.6.1 (Erlang OTP/17)
> < Location: http://localhost:5984/test/xxxé
> < ETag: "1-967a00dff5e02add41819138abb3284d"
> < Date: Sat, 25 Apr 2015 21:33:04 GMT
> < Content-Type: text/plain; charset=utf-8
> < Content-Length: 68
> < Cache-Control: must-revalidate
> < 
> {"ok":true,"id":"xxxé","rev":"1-967a00dff5e02add41819138abb3284d"}
> {code}
> According to RFC 2616 ("HTTP headers only contain ASCII") and RFC 2396 ("here 
> is how to construct an URI from ASCII characters"), the "Location" header 
> should be formatted as:
> {code}
> Location: http://localhost:5984/test/xxx%C3%A9
> {code}
> The "spray.io" framework warns against this invalid response when doing such 
> a request towards a CouchDB database.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to