Hello,
I discovered today that there is a mistake in one of the headers in the project API functions.
I noticed that using this with sca-codeinsight-reports-project-vulnerabilities to create and
upload a report:
- worked using
http://localhost:8888 as baseURL,
- but didn't work using
https://check.domain.com as baseURL, and an Apache server as a front-end handling https
The apache logs mentioned AH02426: Request header field name is malformed: Content Type: multipart/form-data which pointed me to this issue.
Now the interesting part is that I tried to change to Content-Type and instead of Apache throwing a 400 Bad Request error, it was tomcat which was throwing a 500 Internal Server error! and browsing through Java exceptions stack it said something like:
Root Cause</b></p><pre>java.lang.NoSuchMethodError: org.jvnet.mimepull.MIMEMessage.close
I am not a big Tomcat expert but it looks like a library/dependency would be missing. I just tried without any Content-Type header and... it worked. I leave you to decide what would be the clean way to solve this, either to get the multipart Content-Type field to work or to leave the function without it.. I have no idea.
https://github.com/flexera/sca-codeinsight-restapi-python/blob/dbad20b097ae39dd56cb1502bfa829dd1331875f/project/upload_reports.py#L28
Hello,
I discovered today that there is a mistake in one of the headers in the project API functions.
I noticed that using this with sca-codeinsight-reports-project-vulnerabilities to create and
upload a report:
http://localhost:8888as baseURL,https://check.domain.comas baseURL, and an Apache server as a front-end handling httpsThe apache logs mentioned
AH02426: Request header field name is malformed: Content Type: multipart/form-datawhich pointed me to this issue.Now the interesting part is that I tried to change to
Content-Typeand instead of Apache throwing a 400 Bad Request error, it was tomcat which was throwing a 500 Internal Server error! and browsing through Java exceptions stack it said something like:I am not a big Tomcat expert but it looks like a library/dependency would be missing. I just tried without any Content-Type header and... it worked. I leave you to decide what would be the clean way to solve this, either to get the multipart Content-Type field to work or to leave the function without it.. I have no idea.
https://github.com/flexera/sca-codeinsight-restapi-python/blob/dbad20b097ae39dd56cb1502bfa829dd1331875f/project/upload_reports.py#L28