Invalid Accept-Encoding header causes panic #914
Labels
effort-minutes
Will take up to 60 minutes to implement
priority-should
sooner rather than later
topic-controller
topic-filter
type-bug
Milestone
If you have results.compressed turned on, and you try to request a page with invalid Accept-Encoding headers (with a semicolon). Ex:
curl --header "Accept-Encoding: foobar;" 127.0.0.1:9000
. It results in a panic ofand gives a 500 response to the client with RenderError.
Line 54 of init.go is the standard HeaderFilter included in init.go by default. By commenting out the HeaderFilter in the filters list, you get a different error instead:
Which also results in multiple writes in the response, with the panic being on top of the actual page you requested for, not a server error page (RenderError).
The stack trace is also returned in the response when running in production mode (Not sure if this is intended?)EDIT: I realised that this part of the issue has already been resolved in 0.12 #831. I would expect there to be a bad request response, or there to not be a panic/ignoring the bad header.I'm using revel 0.11.3 with Go 1.4 darwin/amd64
The text was updated successfully, but these errors were encountered: