PK37608; 6.1.0.7: WebSphere Application Server cannot handle headers with "$"

Download

Abstract

Applications or stack products can have problems when a header name contains a dollar sign "$".

Download Description

PK37608 resolves the following problem:

ERROR DESCRIPTION:
The special header $WSEP was added to support a function in the ODR.Plug-in does not use it relies only on the HTTP status line.

The solution for the above problem involves 2 parts as follows.

1. The ODR team adds a new header "$WSSC", set to the value "ErrorPage", on requests forwarded to the webcontainer.

2. The webcontainer implements a custom property:

com.ibm.ws.webcontainer.suppressErrorPageODRHeader

if set to false (default) the webcontainer will include the $WSEP header in the error page response (current default behavior)

if set to true the webcontainer will not include the $WSEP header in the error page response unless it finds a "WSSC" header set to "ErrorPage" in the request.

LOCAL FIX:
N/A

PROBLEM SUMMARY

USERS AFFECTED:
IBM® WebSphere® Application Server version 6.0 users in which their code cannot handle a dollar sign ($) in a header.

PROBLEM DESCRIPTION:
Applications or stack products can have problems when a header name contains a dollar sign "$".

RECOMMENDATION:
None

The Web Container adds a HTTP header name $WSEP for some error conditions (for example, a 403 error code). Certain applications or stack products such as WebSphere Extended Deployment cannot handle having a "$" as part of the header

There is a need to be able to suppress the header.

PROBLEM CONCLUSION:
The solution to this problem involves two steps:

1. The stack product or application needs to add a new header named "$WSPC" and the value set to "ErrorPage" on requests forwarded to the WebContainer.

2. The WebContainer code was modified to look for a WebContainer custom property named:
com.ibm.ws.webcontainer.suppressErrorPageODRHeader

If the value of the property is "false", which is the default behavior, the webcontainer will include the $WSEP header in the error page response.

If the value is set to "true" the WebContainer will not include the $WSEP header in the error page response unless it finds a "$WSPC" header that is set to "ErrorPage" in the request.

The fix for this APAR is currently targeted for inclusion in fixpacks 6.0.2.19 and 6.1.0.9.

Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

Please download the UpdateInstaller below to install this fix.

[{"PRLabel":"UpdateInstaller","PRLang":"US English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]

Installation Instructions

Please review the readme.txt for detailed installation instructions.

[{"INLabel":"Readme","INLang":"US English","INSize":"7206","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PK37608/readme.txt"}]

Off

          [{"DNLabel":"6.1.0.7-WS-WAS-IFPK37608","DNDate":"04-26-2007","DNLang":"US English","DNSize":"39037","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PK37608/6.1.0.7-WS-WAS-IFPK37608.pak","DNURL_FTP":null,"DDURL":"http://public.dhe.ibm.com:7618;sw_websphere;appserv/support/fixes/PK37608/6.1.0.7-WS-WAS-IFPK37608.pak"}]
          

Technical Support

Contact IBM Support using SR (http://www-306.ibm.com/software/support/probsub.html), visit the WebSphere Application Server Support Web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV(U.S. only).

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Servlet Engine\/Web Container","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"6.1.0.7","Edition":"Base;Express;Network Deployment","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Java SDK","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Problems (APARS) fixed
PK37608

Was this topic helpful?

Document Information

Modified date:
15 June 2018

UID

swg24016701

Tips