JDK-8287716

Wrong implementation of RFC 2560 in OCSP.java


      ADDITIONAL SYSTEM INFORMATION :
      All OS - All system - Since Java 17

      A DESCRIPTION OF THE PROBLEM :
      Since JDK 17 you implement section A.1.1 of RFC 2560. Section A.1.1 of the RFC describes the request as: "To enable HTTP caching, small requests (that after encoding are less than 255 bytes), MAY be submitted using GET." So it is a recommendation, not an obligation. But in the java.base package, in sun.security.provider.certpath.OCSP.java, in the method getOCSPBytes at line 225, GET is used automatically if the request length after encoding is less than or equal to 255 bytes.
      There is no possibility of using the POST request method if the request length is less than or equal to 255 bytes. So:
      1: Add a flag to use the POST method no matter the length of the request after encoding, to respect RFC 2560 section A.1.1.
      2: For the GET verb, make the condition test strictly under 255 bytes, not under or equal.
      Thank you.
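
The two selection rules contrasted in the report, as an added example (not the reporter's code and not the JDK's `OCSP.java`). The class and method names are hypothetical, the responder URL and request bytes are constructed, and it assumes the length compared is that of the full GET URL in the RFC 2560 A.1.1 form, which is the only way a length of exactly 255 can occur, since the URL-encoded base64 alone is always an even number of characters.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Added illustration with hypothetical names; not sun.security.provider.certpath.OCSP.
public class OcspMethodChoice {
    enum Method { GET, POST }

    // RFC 2560 A.1.1 GET form: {url}/{url-encoding of the base-64 encoding of the DER request}
    static String getUrl(String responder, byte[] der) {
        String b64 = Base64.getEncoder().encodeToString(der);
        return responder + "/" + URLEncoder.encode(b64, StandardCharsets.UTF_8);
    }

    // Selection as the report describes it: GET whenever the length is <= 255.
    static Method reported(String responder, byte[] der) {
        return getUrl(responder, der).length() <= 255 ? Method.GET : Method.POST;
    }

    // Selection the report asks for: caller can force POST, and GET only when strictly < 255.
    static Method requested(String responder, byte[] der, boolean forcePost) {
        if (forcePost) return Method.POST;
        return getUrl(responder, der).length() < 255 ? Method.GET : Method.POST;
    }

    public static void main(String[] args) {
        String responder = "http://ocsp.example.test"; // constructed, 24 characters
        byte[] small = new byte[90];                   // constructed filler, not real DER
        byte[] edge = new byte[171];                   // 228 base64 characters, no padding
        edge[0] = (byte) 0xF8;                         // yields one '+', sent as %2B
        byte[] large = new byte[300];
        byte[][] samples = { small, edge, large };
        for (byte[] der : samples) {
            System.out.printf("len=%d reported=%s requested=%s forced=%s%n",
                getUrl(responder, der).length(),
                reported(responder, der),
                requested(responder, der, false),
                requested(responder, der, true));
        }
    }
}
```

The `edge` sample produces a GET URL of exactly 255 characters, the one length at which the `<=` and `<` rules choose different methods.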


            Unassigned Unassigned
            webbuggrp Webbug Group