From 2d94c2b8bf61dba322a21d470eba6d6298c2f795 Mon Sep 17 00:00:00 2001 From: thc202 Date: Mon, 10 Nov 2025 13:07:42 +0000 Subject: [PATCH 1/2] Do not warn on empty encoded HTTP bodies Do not attempt to decode if empty and thus prevent the warn of EOFException. Signed-off-by: thc202 --- .../network/AbstractStreamHttpEncoding.java | 6 +++++ .../network/HttpEncodingDeflateUnitTest.java | 27 +++++++++++++++++++ .../zap/network/HttpEncodingGzipUnitTest.java | 27 +++++++++++++++++++ 3 files changed, 60 insertions(+) diff --git a/zap/src/main/java/org/zaproxy/zap/network/AbstractStreamHttpEncoding.java b/zap/src/main/java/org/zaproxy/zap/network/AbstractStreamHttpEncoding.java index 25c69700dac..10d0f6a4f7c 100644 --- a/zap/src/main/java/org/zaproxy/zap/network/AbstractStreamHttpEncoding.java +++ b/zap/src/main/java/org/zaproxy/zap/network/AbstractStreamHttpEncoding.java @@ -29,6 +29,8 @@ abstract class AbstractStreamHttpEncoding implements HttpEncoding { private static final int BUFFER_SIZE = 2048; + private static final byte[] EMPTY = {}; + private final OutputStreamSupplier outputStreamSupplier; private final InputStreamSupplier inputStreamSupplier; @@ -49,6 +51,10 @@ public byte[] encode(byte[] content) throws IOException { @Override public byte[] decode(byte[] content) throws IOException { + if (content.length == 0) { + return EMPTY; + } + ByteArrayOutputStream baos = new ByteArrayOutputStream(); try (ByteArrayInputStream bais = new ByteArrayInputStream(content); InputStream is = inputStreamSupplier.get(bais)) { diff --git a/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingDeflateUnitTest.java b/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingDeflateUnitTest.java index 39fb07448f8..b238020f525 100644 --- a/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingDeflateUnitTest.java +++ b/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingDeflateUnitTest.java @@ -37,6 +37,9 @@ class HttpEncodingDeflateUnitTest { private static final byte[] CONTENT = "Content 123 ABC".getBytes(StandardCharsets.UTF_8); private static final byte[] CONTENT_ENCODED = deflate(CONTENT); + private static final byte[] EMPTY_CONTENT = {}; + private static final byte[] EMPTY_CONTENT_ENCODED = deflate(EMPTY_CONTENT); + private HttpEncodingDeflate encoding = HttpEncodingDeflate.getSingleton(); @Test @@ -55,6 +58,30 @@ void shouldDecodeContent() throws IOException { assertThat(decodedContent, is(equalTo(CONTENT))); } + @Test + void shouldEncodeEmptyContent() throws IOException { + // Given / When + byte[] encodedContent = encoding.encode(EMPTY_CONTENT); + // Then + assertThat(encodedContent, is(equalTo(EMPTY_CONTENT_ENCODED))); + } + + @Test + void shouldDecodeEmptyContent() throws IOException { + // Given / When + byte[] decodedContent = encoding.decode(EMPTY_CONTENT_ENCODED); + // Then + assertThat(decodedContent, is(equalTo(EMPTY_CONTENT))); + } + + @Test + void shouldSkipDecodePlainEmptyContent() throws IOException { + // Given / When + byte[] decodedContent = encoding.decode(EMPTY_CONTENT); + // Then + assertThat(decodedContent, is(equalTo(EMPTY_CONTENT))); + } + @Test void shouldThrowExceptionWhenDecodingIfNotProperlyEncoded() { // Given diff --git a/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingGzipUnitTest.java b/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingGzipUnitTest.java index 43584c8a321..6bd98e6008c 100644 --- a/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingGzipUnitTest.java +++ b/zap/src/test/java/org/zaproxy/zap/network/HttpEncodingGzipUnitTest.java @@ -37,6 +37,9 @@ class HttpEncodingGzipUnitTest { private static final byte[] CONTENT = "Content 123 ABC".getBytes(StandardCharsets.UTF_8); private static final byte[] CONTENT_ENCODED = gzip(CONTENT); + private static final byte[] EMPTY_CONTENT = {}; + private static final byte[] EMPTY_CONTENT_ENCODED = gzip(EMPTY_CONTENT); + private HttpEncodingGzip encoding = HttpEncodingGzip.getSingleton(); @Test @@ -55,6 +58,30 @@ void shouldDecodeContent() throws IOException { assertThat(decodedContent, is(equalTo(CONTENT))); } + @Test + void shouldEncodeEmptyContent() throws IOException { + // Given / When + byte[] encodedContent = encoding.encode(EMPTY_CONTENT); + // Then + assertThat(encodedContent, is(equalTo(EMPTY_CONTENT_ENCODED))); + } + + @Test + void shouldDecodeEmptyContent() throws IOException { + // Given / When + byte[] decodedContent = encoding.decode(EMPTY_CONTENT_ENCODED); + // Then + assertThat(decodedContent, is(equalTo(EMPTY_CONTENT))); + } + + @Test + void shouldSkipDecodePlainEmptyContent() throws IOException { + // Given / When + byte[] decodedContent = encoding.decode(EMPTY_CONTENT); + // Then + assertThat(decodedContent, is(equalTo(EMPTY_CONTENT))); + } + @Test void shouldThrowExceptionWhenDecodingIfNotProperlyEncoded() { // Given From e53e971bcd99b7d01d2f98e8ac0fcf35a193e3cf Mon Sep 17 00:00:00 2001 From: Simon Bennetts Date: Mon, 10 Nov 2025 17:54:05 +0000 Subject: [PATCH 2/2] Update version tag to 2.17.0 Signed-off-by: Simon Bennetts --- zap/src/main/java/org/parosproxy/paros/Constant.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/zap/src/main/java/org/parosproxy/paros/Constant.java b/zap/src/main/java/org/parosproxy/paros/Constant.java index fb6cd3d44d2..2cc36cbeb07 100644 --- a/zap/src/main/java/org/parosproxy/paros/Constant.java +++ b/zap/src/main/java/org/parosproxy/paros/Constant.java @@ -126,6 +126,7 @@ // ZAP: 2023/09/14 Lock home directory. // ZAP: 2024/04/25 Add new autoTagScanner regex patterns when upgrading from 2.14 or earlier. // ZAP: 2024/11/06 Add branding related constants. +// ZAP: 2025/11/10 Updated VERSION_TAG. package org.parosproxy.paros; import java.io.File; @@ -209,7 +210,7 @@ public final class Constant { private static final String VERSION_ELEMENT = "version"; // Accessible for tests - static final long VERSION_TAG = 20016001; + static final long VERSION_TAG = 20017000; // Old version numbers - for upgrade private static final long V_2_14_0_TAG = 20014000;