Skip Menu |

This queue is for tickets about the POE-Component-Server-XMLRPC CPAN distribution.

Report information
The Basics
Id: 51002
Status: new
Priority: 0/
Queue: POE-Component-Server-XMLRPC

People
Owner: Nobody in particular
Requestors: shabble [...] cowu.be
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: XML parser throws exception on malformed request
Date: Sat, 31 Oct 2009 14:48:51 +0000
To: bug-POE-Component-Server-XMLRPC [...] rt.cpan.org
From: Tom Feist <shabble [...] cowu.be>
Whilst playing with setting up an XMLRPC server and debugging firewall issues, I discovered that sending a malformed request (such as 'wget http://localhost:port/?session=service') would bring down the whole script with an uncaught exception from the internal XMLRPC::Deserializer call (since there is no valid XML payload to be decoded). Granted, this is an error condition, but it should probably reply with a 403 or 500 and keep running, rather than falling over completely. Attached is a short patch which fixes it for me by only parsing the payload after the content-type has been verified, and wrapping the call in an eval block which returns an error and continues serving. Thanks, Tom Feist.

Message body is not shown because sender requested not to inline it.