https://issues.apache.org/bugzilla/show_bug.cgi?id=56018
Bug ID: 56018
Summary: Oversized header errors are not handled in some cases
Product: Tomcat 7
Version: 7.0.50
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: omikh...@gmail.com
Atempts to set oversized headers should fail with a nice screen:
HTTP Status 500 - An attempt was made to write more data to the response
headers than there was room available in the buffer. Increase maxHttpHeaderSize
on the connector or write less data into the response headers.
That's the case *only* if you explicitly flush response writer:
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws
ServletException, IOException {
byte[] ba = new byte[10000];
Arrays.fill(ba, (byte) 1);
resp.addCookie(new Cookie("test",
DatatypeConverter.printBase64Binary(ba)));
resp.getWriter().flush();
}
But in case there is no flush - it just silently fails with no errors
whatsoever (neither in browser nor in the logs).
The same story with redirect:
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws
ServletException, IOException {
byte[] ba = new byte[10000];
Arrays.fill(ba, (byte) 1);
resp.addCookie(new Cookie("test",
DatatypeConverter.printBase64Binary(ba)));
resp.sendRedirect("blah");
}
it just silently dies
Please confirm this is a bug, I can provide patch if needed.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
