Project

General

Profile

Actions

Bug #10591

closed

Net::HTTPResponse#read_status_line does not throw Net::HTTPBadResponse with some malformed responses.

Added by Anonymous over 9 years ago. Updated about 9 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 2.1.5p273 (2014-11-13 revision 48405) [x86_64-darwin12.0]
[ruby-core:66791]

Description

The offending line of code appears to be this: https://github.com/ruby/ruby/blob/448c87008e1bc66a93b8f21eedea060f281874a4/lib/net/http/response.rb#L40

The regular expression for matching the status line uses \s* to match the space between the response code and message. This is erroneous because when given a malformed status line like HTTP/1.1 1234 it parses the response code as 123 and the message as 4.

Reference: http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6.1

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0