[jira] [Created] (CAMEL-22353) Undertow "null header error" on response if there is an invalid character in the request header name

Fri, 15 Aug 2025 05:16:56 -0700 

Valeriy Ak created CAMEL-22353:
----------------------------------

             Summary: Undertow "null header error" on response if there is an 
invalid character in the request header name
                 Key: CAMEL-22353
                 URL: https://issues.apache.org/jira/browse/CAMEL-22353
             Project: Camel
          Issue Type: Bug
          Components: camel-http, camel-servlet
    Affects Versions: 4.13.0, 4.x
            Reporter: Valeriy Ak


I understand that this is not exactly a Camel component bug, but more of a 
compatibility issue. However, it seems like it would be nice to support this 
compatibility.

In 
[Undertow[|https://github.com/undertow-io/undertow|https://github.com/undertow-io/undertow]],
 when forming a response, there is a built-in check for characters ([only codes 
0–255 are 
allowed|https://github.com/undertow-io/undertow/blame/0ea9ca3f1b79389daea2d46aaa33977d5154be15/core/src/main/java/io/undertow/util/HttpString.java#L159C21-L159C25])
 (. If an invalid character appears, then the header name becomes {{null}} and 
an exception is thrown.

When responding, {{HttpHeaderFilterStrategy}} checks the header name for 
{{{}null{}}}, but does not check for RFC validity 
([link|[https://www.rfc-editor.org/rfc/rfc7230#section-3.2]]).

It would be great to add a mode for validating header correctness on input, or 
perhaps there is a better solution for ensuring compatibility with Undertow.

 
{code:java}
java.lang.NullPointerException: UT010052: Header name was null  at 
io.undertow.servlet.spec.HttpServletResponseImpl.addHeader(HttpServletResponseImpl.java:271)
 ~[undertow-servlet-2.3.18.Final.jar:2.3.18.Final]       at 
io.undertow.servlet.spec.HttpServletResponseImpl.addHeader(HttpServletResponseImpl.java:266)
 ~[undertow-servlet-2.3.18.Final.jar:2.3.18.Final]       at 
org.apache.camel.http.common.DefaultHttpBinding.doWriteResponse(DefaultHttpBinding.java:443)
 ~[camel-http-common-4.13.0.jar:4.13.0]  at 
org.apache.camel.http.common.DefaultHttpBinding.writeResponse(DefaultHttpBinding.java:373)
 ~[camel-http-common-4.13.0.jar:4.13.0]    at 
org.apache.camel.http.common.CamelServlet.afterProcess(CamelServlet.java:380) 
~[camel-http-common-4.13.0.jar:4.13.0] at 
org.apache.camel.http.common.CamelServlet.doExecute(CamelServlet.java:321) 
~[camel-http-common-4.13.0.jar:4.13.0]    at 
org.apache.camel.http.common.CamelServlet.doService(CamelServlet.java:235) 
~[camel-http-common-4.13.0.jar:4.13.0]    at 
org.apache.camel.http.common.CamelServlet.handleService(CamelServlet.java:111) 
~[camel-http-common-4.13.0.jar:4.13.0] {code}
 

Also I create simle excample of that error - 
[https://github.com/Akvel/camel-header-error-example|https://github.com/Akvel/camel-header-error-example]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to