[TS-2614] Response to invalid Content-Length for POST should be a 400 error - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.0.0
Component/s: HTTP
Labels:
- review

Description

We have some users attempting to POST where the content length is -1.
POST /services/rest HTTP/1.1\r\n
Host: api.flickr.com\r\n
Accept: /\r\n
Content-Length: -1\r\n
Content-Type: application/x-www-form-urlencoded\r\n
Expect: 100-continue\r\n

ATS goes ahead with this request and connects to the origin and passes the invalid content length.

Preferable, and consistent with the spec, ATS should immediately respond to the client with an error.

RFC-2616 Section 14.13 says 'Any Content-Length greater than or equal to zero is a valid value.' I interpret that as a negative content length value is invalid.

I propose that ATS respond with a '400 Invalid Request' for PUT/POST/PUSH requests when the user provided content-length is less than 0.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-TS-2614-Response-to-invalid-Content-Length-for-POST-.patch
06/Mar/14 03:16
5 kB
sherlockhua

Activity

People

Assignee:: James Peach

Reporter:: Ron Barber

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 04/Mar/14 19:21

Updated:: 18/Dec/14 05:06

Resolved:: 07/Mar/14 17:55