Fix HTTP Request formatting in AdminConnection #489
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
AdminConnection
'sprocessRequest
method creates a hand-rolled HTTPrequest to the remote server. This is used by PKI Console when
authenticated as an administrator. Because of the recent CVE fix in
Tomcat (CVE-2020-1935), Tomcat will no longer accept
\n
(Line Feed)terminated requests and headers, and instead reject them as a bad
request. We fix this by adding the missing and required CR, per HTTP
specification.
This fixes the following exception in PKIConsole:
Signed-off-by: Alexander Scheel <ascheel@redhat.com>