-
Bug
-
Resolution: Fixed
-
P3
-
8u301, 18
-
b21
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8275922 | 17.0.2 | Evan Whelan | P3 | Resolved | Fixed | b03 |
JDK-8276092 | 15.0.6 | Yuri Nesterenko | P3 | Resolved | Fixed | b02 |
JDK-8276097 | 13.0.10 | Yuri Nesterenko | P3 | Resolved | Fixed | b02 |
JDK-8275961 | 11.0.14-oracle | Evan Whelan | P3 | Resolved | Fixed | b00 |
JDK-8276089 | 11.0.14 | Goetz Lindenmaier | P3 | Resolved | Fixed | b01 |
JDK-8276762 | openjdk8u322 | Zhengyu Gu | P3 | Resolved | Fixed | b02 |
JDK-8276069 | 8u331 | Evan Whelan | P3 | Resolved | Fixed | b01 |
JDK-8279112 | 8u321 | Evan Whelan | P3 | Resolved | Fixed | b31 |
JDK-8276900 | 8u311 | Evan Whelan | P3 | Closed | Fixed | b32 |
https://github.com/openjdk/jdk/blob/722d639fad2e4fc6eb2aabd427e2719501899cfe/src/java.base/share/classes/sun/net/www/http/HttpClient.java#L310
- this line checks for literal value of "POST", whereas it should check for equality.
As a consequence, the check is performed as intended only if the request method is set using a literal string "POST". The check is not performed, if the request method is set to "POST", but the string is constructed - e.g. read from a property or extracted from configuration.
A similar issue exists in HttpsClient.
Expected behaviour:
The connection liveness check behaviour should be identical, irrespective of how the request method is set.
Proof:
A patch for application-side code checking whether the request method is equal to "POST", and setting the requestMethod to a literal "POST", solves the issue on the application side.
- backported by
-
JDK-8275922 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8275961 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276069 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276089 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276092 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276097 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276762 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8279112 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Resolved
-
JDK-8276900 HttpURLConnection: HttpClient and HttpsClient incorrectly check request method when set to POST
- Closed
- links to
-
Commit openjdk/jdk11u-dev/9cc66169
-
Commit openjdk/jdk13u-dev/9e76ccb2
-
Commit openjdk/jdk15u-dev/ca609529
-
Commit openjdk/jdk17u/a1dc5955
-
Commit openjdk/jdk/45ce06c9
-
Review openjdk/jdk11u-dev/562
-
Review openjdk/jdk13u-dev/284
-
Review openjdk/jdk15u-dev/123
-
Review openjdk/jdk17u/212
-
Review openjdk/jdk/5964