Uploaded image for project: 'Nutch'
  1. Nutch
  2. NUTCH-2549

protocol-http does not behave the same as browsers

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.14
    • Fix Version/s: 1.15
    • Component/s: None
    • Labels:
      None
    • Flags:
      Important

      Description

      We identified the following issues in protocol-http (a plugin implementing the HTTP protocol):

      • It fails if an url's path does not start with '/'
      • It advertises its requests as being HTTP/1.0, but sends an Accept-Encoding request header, that is defined only in HTTP/1.1. This confuses some web servers
      • If a server sends a redirection (3XX status code, with a Location header), protocol-http tries to parse the HTTP response body anyway. Thus, if an error occurs while decoding the body, the redirection is not followed and the information is lost. Browsers follow the redirection and close the socket soon as they can.
      • Some servers invalidly send an HTTP body directly without a status line or headers. Browsers handle that, protocol-http doesn't:
      • Some servers invalidly add colons after the HTTP status code in the status line (they can send HTTP/1.1 404: Not found instead of HTTP/1.1 404 Not found for instance). Browsers can handle that.
      • Some servers invalidly send headers that span over multiple lines. In that case, browsers simply ignore the subsequent lines, but protocol-http throws an error, thus preventing us from fetching the contents of the page.
      • There is no limit over the size of the HTTP headers it reads. A bogus server could send an infinite stream of different HTTP headers and cause the fetcher to go out of memory, or send the same HTTP header repeatedly and cause the fetcher to timeout.
      • The same goes for the HTTP status line: no check is made concerning its size.
      • While reading chunked content, if the content size becomes larger than http.getMaxContent(), instead of just stopping, it tries to read a new chunk before having read the previous one completely, resulting in a 'bad chunk length' error.

      Additionally (and that concerns protocol-httpclient as well), when reading http headers, for each header, the SpellCheckedMetadata class computes a Levenshtein distance between it and every  known header in the HttpHeaders interface. Not only is that slow, non-standard, and non-conform to browsers' behavior, but it also causes bugs and prevents us from accessing the real headers sent by the HTTP server.

      • Example: http://www.taz.de/!443358/ . The server sends a Client-Transfer-Encoding: chunked header, but SpellCheckedMetadata corrects it to Transfer-Encoding: chunked. Then, HttpResponse (in protocol-http) tries to read the HTTP body as chunked, whereas it is not.

       

        Attachments

        1. NUTCH-2549.patch
          9 kB
          Gerard Bouchar

          Issue Links

            Activity

              People

              • Assignee:
                snagel Sebastian Nagel
                Reporter:
                gbouchar Gerard Bouchar
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: