Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-10243

Content type exception uploading tar files - identified as application-gtar instead of application/tar

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.0
    • Fix Version/s: 3.5.0
    • Component/s: Repository
    • Labels:

      Description

      When uploading a tar file, Nexus throws an InvalidContentException complaining that it detected content type application/x-gtar, but expected application/x-tar. Internally Nexus uses the Apache Tika library for determining content type and first we do a detection by file extension, and then we do a detection by file contents, and throw an exception if they don't match. For Tar files Tika will return application/x-tar for name and application-x/gtar for contents. This is because most modern tar implementation will default to the 'gnu' format (i.e. a gtar), but most users still call it a tar.

       

      Original Bug Report Description:

      While testing initial pypi implementation, we attempted to upload a tar file into our pypi hosted but were blocked by content validation. tar files were one of the listed file extensions that pypi supported.

      From the pypi cli:

      ...
      Submitting dist/fileformats-1.0.2.tar to http://localhost:8081/repository/pypi-hosted/
      HTTP Error 404: Not Found
      error: HTTP Error 404: Not Found
      

      From the nexus.log:

      2016-05-16 15:35:47,848-0400 WARN  [qtp1368003828-1436] admin org.sonatype.nexus.repository.view.handlers.ExceptionHandler - Invalid content: POST /: org.sonatype.nexus.repository.InvalidContentException: Detected content type [application/x-gtar], but expected [application/x-tar]: packages/fileformats/1.0.2/fileformats-1.0.2.tar
      

      After investigation, we found the same thing occurs when you try and push the tar into a raw hosted repository.

      Once you have the tar file in the hosted repository, it proxies however you need to turn strict content validation off for your proxy as well.

      Since the team could not find any tar files that could be proxied from pypi.python.org and there is a workaround, as well as affects other repository types, we decided this was a non-blocker for now. We will watch for beta feedback and see if it hits anyone.

      Workaround

      The workaround is to turn strict content validation off for the hosted pypi repository.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bradbeck Brad Beck
                Reporter:
                jtom Joe Tom
                Last Updated By:
                Rich Seddon
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Date of First Response: