Chunked stream exception
260 views
Skip to first unread message
Albert
Sep 23, 2016, 10:10:39 AM9/23/16
to OWASP ZAP Developer Group
Hi,
I am getting lots of this exceptions during the scanning and spidering process on the zap log.
I guess is the HTTP client. Can it be customized? Or any ideas how to prevent it?
09:48:43 java.io.IOException: chunked stream ended unexpectedly 09:48:43 at org.apache.commons.httpclient.ChunkedInputStream.getChunkSizeFromInputStream(ChunkedInputStream.java:252) 09:48:43 at org.apache.commons.httpclient.ChunkedInputStream.nextChunk(ChunkedInputStream.java:221) 09:48:43 at org.apache.commons.httpclient.ChunkedInputStream.read(ChunkedInputStream.java:176) 09:48:43 at java.io.FilterInputStream.read(Unknown Source) 09:48:43 at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:108) 09:48:43 at java.io.FilterInputStream.read(Unknown Source) 09:48:43 at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:127) 09:48:43 at org.apache.commons.httpclient.HttpMethodBase.getResponseBody(Unknown Source) 09:48:43 at org.parosproxy.paros.network.HttpSender.send(Unknown Source) 09:48:43 at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) 09:48:43 at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) 09:48:43 at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:313) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) 09:48:43 at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source) 09:48:43 at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source) 09:48:43 at java.lang.Thread.run(Unknown Source)
thc...@gmail.com
Sep 27, 2016, 4:19:16 AM9/27/16
to zaproxy...@googlegroups.com, albert....@gmail.com
Hi.
Could you provide an example response (as seen on the wire) that
triggers the issue?
That could be prevented by using HTTP/1.0 (e.g. by setting that version
to the requests with a HTTP Sender script).
Best regards.
On 23/09/16 15:10, Albert wrote:
> Hi,
>
> I am getting lots of this exceptions during the scanning and spidering
> process on the zap log.
>
> I guess is the HTTP client. Can it be customized? Or any ideas how to
> prevent it?
>
> *09:48:43* java.io.IOException: chunked stream ended unexpectedly
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.getChunkSizeFromInputStream(ChunkedInputStream.java:252)
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.nextChunk(ChunkedInputStream.java:221)
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.read(ChunkedInputStream.java:176)
> *09:48:43* at java.io.FilterInputStream.read(Unknown Source)
> *09:48:43* at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:108)
> *09:48:43* at java.io.FilterInputStream.read(Unknown Source)
> *09:48:43* at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:127)
> *09:48:43* at org.apache.commons.httpclient.HttpMethodBase.getResponseBody(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:313)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source)
> *09:48:43* at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source)
> *09:48:43* at java.lang.Thread.run(Unknown Source)
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/zaproxy-develop/0f336858-0be3-4a01-a7f6-6aa991beed3b%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-develop/0f336858-0be3-4a01-a7f6-6aa991beed3b%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
Could you provide an example response (as seen on the wire) that
triggers the issue?
That could be prevented by using HTTP/1.0 (e.g. by setting that version
to the requests with a HTTP Sender script).
Best regards.
On 23/09/16 15:10, Albert wrote:
> Hi,
>
> I am getting lots of this exceptions during the scanning and spidering
> process on the zap log.
>
> I guess is the HTTP client. Can it be customized? Or any ideas how to
> prevent it?
>
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.getChunkSizeFromInputStream(ChunkedInputStream.java:252)
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.nextChunk(ChunkedInputStream.java:221)
> *09:48:43* at org.apache.commons.httpclient.ChunkedInputStream.read(ChunkedInputStream.java:176)
> *09:48:43* at java.io.FilterInputStream.read(Unknown Source)
> *09:48:43* at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:108)
> *09:48:43* at java.io.FilterInputStream.read(Unknown Source)
> *09:48:43* at org.apache.commons.httpclient.AutoCloseInputStream.read(AutoCloseInputStream.java:127)
> *09:48:43* at org.apache.commons.httpclient.HttpMethodBase.getResponseBody(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
> *09:48:43* at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source)
> *09:48:43* at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:313)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source)
> *09:48:43* at org.zaproxy.zap.extension.ascanrulesAlpha.LDAPInjection.scan(LDAPInjection.java:188)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scanVariant(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractAppParamPlugin.scan(Unknown Source)
> *09:48:43* at org.parosproxy.paros.core.scanner.AbstractPlugin.run(Unknown Source)
> *09:48:43* at java.lang.Thread.run(Unknown Source)
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/zaproxy-develop/0f336858-0be3-4a01-a7f6-6aa991beed3b%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-develop/0f336858-0be3-4a01-a7f6-6aa991beed3b%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages