PQ76884; 4.0.7: Servlet processes incomplete post
data.
Downloadable files
Abstract
Web container ignores the error that was logged before
causing incomplete posting data of the POST request.
Download Description
PQ76884 resolves the following problem:
When the transfer of the data of the POST http request is not completed
for some reasons, such as I/O timeout, WebSphere® Application Server Web
container logs this problem but does not take an appropriate action.
Instead of returning an appropriate return code to the plug-in, Web
container continues processing the http POST request resulting that the
response is based on processing the incomplete data of the POST http
request.
Stack trace includes the following:
java.io.InterruptedIOException:
Read timed out
at java.net.SocketInputStream.socketRead(Native Method)
at
java.net.SocketInputStream.read(SocketInputStream.java(Compiled Code))
at com.ibm.ws.io.Stream.read(Stream.java:17)
Web container returns 200 status code to the plug-in and to the client
invoking a feeling that the request was processed properly but it was not.
This situation might occur when trafic is heavy and mostly but not
necessarily over slow networks, such as modem connections or ISDN lines.
In the past the APAR PQ76013 for WebSphere Application Server V5.0 was
created for the same problem.
PROBLEM SUMMARY:
USERS AFFECTED:
WebSphere Application Server users of POST method.
PROBLEM DESCRIPTION:
When transferring data for the POST, if an http request can not be
completed for some reasons, such as I/O timeout, Web container logs this
problem but does not take an appropriate action.
RECOMMENDATION:
When InterruptedIOException occurs, the exception was caught but ignored,
and thus, processing continues with partially received post data. This may
cause a servlet response to be incorrect.
PROBLEM CONCLUSION:
Up on InterruptedIOException, if web container is unable to retrieve all
post data correctly, the request is bad due to timeout. Thus a Request
Timeout error code should be sent back to the client, if the connection
still can be used.
In case of large post data from client, servlet should pay special
attention on how to catch and handle InterruptedIOException, otherwise,
web container will send 408 error.
Prerequisites
NONE
Installation Instructions
Please review the readme.txt for detailed installation
instructions.