| Subject: | XML parser throws exception on malformed request |
| Date: | Sat, 31 Oct 2009 14:48:51 +0000 |
| To: | bug-POE-Component-Server-XMLRPC [...] rt.cpan.org |
| From: | Tom Feist <shabble [...] cowu.be> |
Whilst playing with setting up an XMLRPC server and debugging firewall
issues,
I discovered that sending a malformed request
(such as 'wget http://localhost:port/?session=service') would bring
down the
whole script with an uncaught exception from the internal
XMLRPC::Deserializer
call (since there is no valid XML payload to be decoded).
Granted, this is an error condition, but it should probably reply with
a 403 or 500
and keep running, rather than falling over completely.
Attached is a short patch which fixes it for me by only parsing the
payload after
the content-type has been verified, and wrapping the call in an eval
block which
returns an error and continues serving.
Thanks,
Tom Feist.
Message body is not shown because sender requested not to inline it.