[SWS-845] checkForUtf8ByteOrderMark() will not detect BOM with some TLSv1 implementations Created: 09/Aug/13 Updated: 20/Aug/13 Resolved: 20/Aug/13
|Project:||Spring Web Services|
|Reporter:||Martin Cizek||Assignee:||Arjen Poutsma|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
All setups where first read() from the stream does not return at least three bytes + clients that send BOM.
But the BOM removal functionality still won't work e.g. if the first byte is sent separately.
I suggest a modification like this (haven't tested it):
The thing is that the read() call guarantees just one byte. And this situation isn't that rare - some implementations of TLSv1 really send the first byte separately, our customer had this problem with a WS client based on WinHttp.WinHttpRequest object on Windows 2008 R2. We had to workaround
So if anybody had bad luck of having the TLSv1 + BOM issue, they would be affected.
Hope this helps.
|Comment by Martin Cizek [ 09/Aug/13 ]|
I was too quick when submitting, may I ask for updating the subject to "checkForUtf8ByteOrderMark() will not detect BOM with some TLSv1 implementations"? Thanks.