Skip to content
This repository was archived by the owner on Jun 18, 2024. It is now read-only.

Conversation

iaavo
Copy link

@iaavo iaavo commented Jan 27, 2023

Fixes #746

Root cause is the line 85 of WSSecurityBasedCredentials.java:

  protected static final String wsAddressingHeadersFormat =
      "<wsa:Action soap:mustUnderstand='1'>http://schemas.microsoft.com/exchange/services/2006/messages/%s</wsa:Action>"
          +
          "<wsa:ReplyTo><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>" +
          "</wsa:ReplyTo>" +
          "<wsa:To soap:mustUnderstand='1'>%s</wsa:To>";

This string is passed on to the xmlWriter in line 201:

    // Format the WS-Addressing headers.
    String wsAddressingHeaders = String.format(
        WSSecurityBasedCredentials.wsAddressingHeadersFormat,
        webMethodName, this.ewsUrl);
    
    // And write them out...
    xmlWriter.writeCharacters(wsAddressingHeaders);

The xmlWriter however, will escape the characters < and > to its corresponding html escape values &lt; and &gt; and then send a malformed xml body to the exchangeService. The backend can't parse the xml body and fails with an internal server error.

This fix simply uses the default xml writer implementation and instructs it to not escape characters.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

1 participant