- changed status to resolved
HTTPRequest send method error response does not use UTF-8 character decoding
Issue #426
resolved
The method HTTPResponse send()
in src/main/java/com/nimbusds/oauth2/sdk/http/HTTPRequest.java
does not explicitly decode the error responses with UTF-8 which causes issues if the error response contains characters like ‘ÆØÅ’ and the locale in the environment where the JVM runs is not UTF-8.
How to replicate:
- JVM with ANSI_X3.4-1968 as locale. (Can be forced through VM options i.e. ‘-Dfile.encoding=ANSI_X3.4-1968’)
- Get error response which contains the character ‘Ø'
Expected output: ��
Solution:
- Add
StandardCharsets.UTF_8
to InputStreamReader() on line 1038 insrc/main/java/com/nimbusds/oauth2/sdk/http/HTTPRequest.java
(https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/f65504ca4d8b52c42031350dac8ba916f5f4806b/src/main/java/com/nimbusds/oauth2/sdk/http/HTTPRequest.java#lines-1038)
Comments (1)
-
- Log in to comment
Fixed here: 01b908da
Released:
Thanks for the report and solution!