Summary: | Apache 2.2.20 Range fix regression. Negative value handling | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | low_priority <lowprio20> |
Component: | All | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | thoger |
Priority: | P2 | Keywords: | FixedInTrunk |
Version: | 2.5-HEAD | ||
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | All |
Description
low_priority
2011-09-01 06:48:01 UTC
There is one special case here: -0 RFC does not define that case as syntactically invalid. My reading is that it's considered valid but unsatisfiable (If a syntactically valid byte-range-set includes ... at least one suffix-byte-range-spec with a non-zero suffix-length, then the byte-range-set is satisfiable.). The latest httpd behaviour is to handle that as invalid, hence ignore Range header and return 200. That's quite reasonable, given that -0 is not any better than invalid 10-9. Just noting here so it can be decided if it should stay as is or be changed to be more rfc-compliant. Required change seems trivial (allowing number >= 0). And maybe I'm just reading the RFC wrong. Fixed in 2.2.21 Regarding comment #2, I wonder if it's been overlooked, or whatever the behaviour (invalid vs. unsatisfiable) is for the meaningless case is considered fine. Should I do separate bug for it? Thanks! |