HttpHeaders should accept empty Content-Type header [SPR-12173] #16787
Labels
in: web
Issues in web modules (web, webmvc, webflux, websocket)
status: backported
An issue that has been backported to maintenance branches
type: enhancement
A general enhancement
Milestone
Oliver Otzen opened SPR-12173 and commented
If a client is sending a POST message with an empty header 'Content-Type' the request fails with a IllegalArgumentException.
In HttpHeaders Line 305 only null values will be checked, but not empty values.
In the RFC 7231 it is not explicitly forbidden to send an empty 'Content-Type'-header field.
http://tools.ietf.org/html/rfc7231#section-3.1.1.5
Example POST from chrome browser:
Affects: 3.2.4
Issue Links:
Referenced from: commits d501137, a1c0905, 4ab27d8, 44c52a9, 70412a9, afb0342
Backported to: 4.0.8, 3.2.12
3 votes, 4 watchers
The text was updated successfully, but these errors were encountered: