Content-Lenth and Content-Type in bodyless message #2341
+82
−32
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 tasks
https://github.com/tempesta-tech/tempesta-test/pull/769/fileshere is the test branch |
const-t
force-pushed
the
kt-2322-empty-body
branch
from
3ea6f8b to
36012f3
Compare
krizhanovsky
approved these changes
Feb 17, 2025
| # | ||
| # Example: | ||
| # http_allow_empty_body_content_type true; | ||
| # |
There was a problem hiding this comment.
Could you please also describe this in wiki? Also with good story from #2322 and #2341 (comment) : make examples for the implementations, cite the RFC and how to we violate it (e.g. with Content-Length: 0).
There was a problem hiding this comment.
const-t
force-pushed
the
kt-2322-empty-body
branch
from
36012f3 to
5424941
Compare
RFC 9110 8.6: A server MUST NOT send a Content-Length header field in any response with a status code of 1xx (Informational) or 204 (No Content). Now for responses 1xx and 204 Tempesta FW treats `Content-Length: 0` as the absence of a Content-Length header. Some implementations send `Content-Length: 0` within 204 (No Content) response, to be able to process such messages the rule from RFC 9110 8.6 has been relaxed. For requests with bodyless methods such as HEAD, GET, etc. Tempesta also treats `Content-Length: 0` as empty body and considers such requests as valid. Added directive `http_allow_empty_body_content_type` that allows Tempesta FW to process requests with bodyless methods. By default Tempesta FW drops such requests.
Now `content-length: 0` is allowed with bodyless methods, in the tests `content-length: 0` changed to `content-length: 1`. However we don't send body, because it's unnecessary, because we expect that validation of bodyless method will block request before body will be parsed.
const-t
force-pushed
the
kt-2322-empty-body
branch
from
5424941 to
6adad8b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
RFC 9110 8.6:
A server MUST NOT send a Content-Length header field in any response with a status code of 1xx (Informational) or 204 (No Content).
Now for responses 1xx and 204 Tempesta FW treats
Content-Length: 0as the absence of a Content-Length header. Some implementations sendContent-Length: 0within 204 (No Content) response, to be able to process such messages the rule from RFC 9110 8.6 has been relaxed.For requests with bodyless methods such as HEAD, GET, etc. Tempesta also treats
Content-Length: 0as empty body and considers such requests as valid.Added directive
http_allow_empty_body_content_typethat allows Tempesta FW to process requests with bodyless methods. By default Tempesta FW drops such requests.