GNOME Bugzilla – Bug 736267
rtspconnection: Be more forgiving when parsing session header in requests
Last modified: 2015-06-22 17:52:30 UTC
Created attachment 285650 [details] [review] rtspconnection: ignore timeout in session request header According to the rfc the timeout parameter is only allowed in a session response header but some clients, like Honeywell VMS applications, send it as part of a session request header too: PLAY rtsp://172.26.151.197/axis-media/media.amp?videocodec=h264&camera=1&videokeyframeinterval=8&resolution=1280x720&compression=41&fps=60&color=1 RTSP/1.0 CSeq: 3 User-Agent: Axis AMC Session: fNpBsc72MwWfp%2BsL; timeout=60 Would you accept a patch which basically ignores everything from the semicolon to the end of the line when parsing session ids? Or perhaps checking for any non-allowed character? Currently rtspconnection takes everything from the colon as session id.
Comment on attachment 285650 [details] [review] rtspconnection: ignore timeout in session request header Seems sensible to me
commit 0ea1b559bf1706d35683db648ae511e97bf35a47 Author: Ognyan Tonchev <ognyan@axis.com> Date: Tue Sep 9 11:37:26 2014 +0200 rtspconnection: ignore timeout in session request header The timeout parameter is only allowed in a session response header but some clients, like Honeywell VMS applications, send it as part of the session request header. Ignore everything from the semicolon to the end of the line when parsing session id. Fixes https://bugzilla.gnome.org/show_bug.cgi?id=736267
This was actually not completely correct, fixup: commit 18c610eddaff068e57bbe0f8dc7e268becb1bba6 Author: Sebastian Dröge <sebastian@centricular.com> Date: Mon Jun 22 19:51:32 2015 +0200 rtspconnection: Only drop everything after the ; of a session header in requests For responses it is actually allowed and used to signal the timeout to the client! https://bugzilla.gnome.org/show_bug.cgi?id=736267