Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUGFIX: Properly encode error message in internal request header #2756

Merged
merged 1 commit into from Mar 22, 2022
Merged

BUGFIX: Properly encode error message in internal request header #2756

merged 1 commit into from Mar 22, 2022

Conversation

albe
Copy link
Member

@albe albe commented Mar 21, 2022

According to the HTTP spec, characters like line breaks and some other are not allowed within a request header. Exception messages typically include those. Since guzzlehttp/psr7 1.8.4 it validates headers to this spec and makes our builds fail. This fixes that by base64 encoding the exception message we transfer via the X-Flow-ExceptionMessage header. Currently there is no code in the core that uses this header, but if you read this header at some obscure place, you need to base64_decode() the value first.

See https://github.com/guzzle/psr7/pull/486/files#diff-fb174524a7bba27ce140bc6ccd1c30811a6abeed9328e783b326189551ba7ed4R253

@albe
BUGFIX: Properly encode error message in internal request header
de6dfb4 
According to the HTTP spec, characters like line breaks and some other are not allowed within a request header. Exception messages typically include those. Since guzzlehttp/psr7 1.8.4 it validates headers to this spec and makes our builds fail. This fixes that by base64 encoding the exception message we transfer via the `X-Flow-ExceptionMessage` header. Currently there is no code in the core that uses this header, but if you read this header at some obscure place, you need to `base64_decode()` the value first.
@albe albe added the Bug label Mar 21, 2022
@albe albe mentioned this pull request Mar 21, 2022
Closed
4 tasks
mficzel
mficzel approved these changes Mar 22, 2022
View reviewed changes
Copy link
Member

@mficzel mficzel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fine by reading

@kdambekalns kdambekalns merged commit 288a2ef into 6.3 Mar 22, 2022
@kdambekalns kdambekalns deleted the fix-ire-exception-header branch March 22, 2022 06:49
@mhsdesign mhsdesign mentioned this pull request Mar 22, 2022
Draft
@albe albe mentioned this pull request Mar 25, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kdambekalns kdambekalns kdambekalns approved these changes

@mficzel mficzel mficzel approved these changes

@mhsdesign mhsdesign mhsdesign approved these changes

@kitsunet kitsunet Awaiting requested review from kitsunet

Assignees
No one assigned
Labels
Bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@albe @kdambekalns @mficzel @mhsdesign