Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid partial content requests possible with start byte = resource-byte-count #23576

Closed
gbrehmer opened this issue Sep 3, 2019 · 0 comments
Closed

Invalid partial content requests possible with start byte = resource-byte-count #23576

gbrehmer opened this issue Sep 3, 2019 · 0 comments
Assignees
@rstoyanchev
Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement
Milestone
5.2 RC2

Comments

@gbrehmer
Copy link

gbrehmer commented Sep 3, 2019
edited by rstoyanchev
Loading

Spring Boot 2.1.7 / Spring Framework 5.1.9

Because ResourceRegion (HttpRange.toResourceRegion) allows regions with a length of 0, it is possible to request the following range.

Range: bytes=<resource_byte_count>-

This will return the following invalid Content-Range Header:

Content-Range: length-(length_minus_1)/length

For example:
Content-Range: 37623133-37623132/37623133

Length: 0 Bytes

Such a request should return 416 like other requests outside of the valid range
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Sep 4, 2019
@gbrehmer gbrehmer changed the title Invalid partial content requests possible with length 0 Invalid partial content requests possible with start byte = resource-byte-count Sep 4, 2019
@rstoyanchev rstoyanchev added in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Sep 4, 2019
@rstoyanchev rstoyanchev self-assigned this Sep 4, 2019
@rstoyanchev rstoyanchev added this to the 5.2 RC2 milestone Sep 4, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rstoyanchev rstoyanchev

Labels
in: web Issues in web modules (web, webmvc, webflux, websocket) type: enhancement A general enhancement
Projects
None yet
Milestone
5.2 RC2
Development

No branches or pull requests
3 participants
@rstoyanchev @gbrehmer @spring-projects-issues