Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-8679

Avoid duplication of headers

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Neutral
    • 6.3.0, 6.2.28
    • 6.2.27
    • None

    Description

      When there are multiple requests, headers are duplicated in info.magnolia.cms.filters.AddHeadersFilter because org.apache.http.HttpMessage.addHeader(String, String) is used to add headers.

      Another case is info.magnolia.enterprise.registration.RegistrationFilter that includes "X-Magnolia-Registration", after that, here, the header is duplicated due to info.magnolia.module.cache.filter.CacheResponseWrapper.replayHeadersAndStatus(HttpServletResponse target), here info.magnolia.cms.util.RequestHeaderUtil.setHeader(HttpServletResponse, String, Object) where the header is added when it was already added to the request.

      An easy way to reproduce it is installing Sitemesh, after installing this module, after request will have duplicate headers

      Although, the protocol defines:

      Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded.
      

      It may be a good practice to check if a header already exists with the same value. There is a utility class to work with headers that might help: info.magnolia.cms.util.RequestHeaderUtil

      Workaround:
      Adding a bypass to the filter -> info.magnolia.voting.voters.ForwardVoter

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            There are no Sub-Tasks for this issue.

            Activity

              People

                canh.nguyen Canh Nguyen
                miruela Mercedes Iruela
                DeveloperX
                Votes:
                3 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:
                  Work Started:

                  Checklists

                    Bug DoR
                    Task DoD

                    Time Tracking

                      Estimated:
                      Original Estimate - Not Specified
                      Not Specified
                      Remaining:
                      Remaining Estimate - Not Specified
                      Not Specified
                      Logged:
                      Time Spent - 2d 5h
                      2d 5h