Actions
Bug #10970
closedOPTIONS * request generates assert
Start date:
09/24/2022
Due date:
% Done:
100%
Estimated time:
Description
Issuing the following (valid) http request:
OPTIONS * HTTP/1.1
triggers the following assert
assert(path.empty() || path[0] == '/');
due to path being *
.
Not sure if this is just an assert issue, or that the *
is indeed not handled correctly for OPTIONS
requests.
Files
Updated by Roel Standaert 12 months ago
- File 0001-WT-10970-disallow-asterisk-form-RFC-9112-3.2.4.patch 0001-WT-10970-disallow-asterisk-form-RFC-9112-3.2.4.patch added
- Status changed from InProgress to Review
- Assignee changed from Roel Standaert to Korneel Dumon
It appears that the easiest way to fix this is to disallow those kinds of requests. The patch (attached) is currently in review.
Actions