Skip to content

Invalid Accept header results in IllegalStateException #29794

New issue
New issue
Closed
Closed
Invalid Accept header results in IllegalStateException#29794
Assignees
poutsma
Labels
in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug
Milestone
 
6.0.5
@malware27

Description

@malware27
malware27
opened on Jan 10, 2023

Affects: 5.3.23

Hitting IllegalStateExcption at - Sourcegraph

(Comment says should never happen)

Reproducer - https://github.com/malware27/simple-springboot-app/tree/master/simple-springboot-app

Sample curl after bringing the above application up locally -

curl 'http://localhost:9001/property' \ -H 'Accept: abc' \ -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \ -H 'Cache-Control: no-cache' \ -H 'Connection: keep-alive' \ -H 'Pragma: no-cache' \ -H 'Sec-Fetch-Dest: document' \ -H 'Sec-Fetch-Mode: navigate' \ -H 'Sec-Fetch-Site: none' \ -H 'Sec-Fetch-User: ?1' \ -H 'Upgrade-Insecure-Requests: 1' \ -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36' \ -H 'sec-ch-ua: "Not?A_Brand";v="8", "Chromium";v="108", "Google Chrome";v="108"' \ -H 'sec-ch-ua-mobile: ?0' \ -H 'sec-ch-ua-platform: "macOS"' \ --compressed

The application logs after hitting the above curl -

2023-01-10 17:02:22.967 ERROR 55658 --- [nio-9001-exec-8] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalStateException: Cannot compare without having any requested media types] with root cause

org.springframework.web.HttpMediaTypeNotAcceptableException: Could not parse 'Accept' header [abc]: Invalid mime type "abc": does not contain '/'
at org.springframework.web.accept.HeaderContentNegotiationStrategy.resolveMediaTypes(HeaderContentNegotiationStrategy.java:59) ~[spring-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.springframework.web.accept.ContentNegotiationManager.resolveMediaTypes(ContentNegotiationManager.java:124) ~[spring-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.springframework.web.servlet.mvc.condition.ProducesRequestCondition.getAcceptedMediaTypes(ProducesRequestCondition.java:262) ~[spring-webmvc-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at

This specifically happens when the following two cases are satisfied -

  • There are two handlermethods (One probably with RequestMapping and another with GetMapping) for the same endpoint.
  • There is a bad accept header in the request

I had a library with spring boot auto configuration enabled which had a handlerMethod handling the same endpoint which my application did and hence discovered this issue.

Happy to contribute if this an actual issue and I did not mess up something.

Metadata

Metadata

Assignees

Labels

in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions