[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libmicrohttpd] Cannot set Content-Length in header

From: Tim Rühsen
Subject: Re: [libmicrohttpd] Cannot set Content-Length in header
Date: Fri, 25 Oct 2019 11:40:51 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0

Hi Christian,

> Alternatively, we could define a bit-field
> option SANITY_CHECK to just disable certain sanity checks. WDYT?

I like this better since we can have an easy start and slowly evolve it
with more flags / bits, as the need arises.

Currently, the wget test suite only needs a flag to switch off the
Content-Length sanity checks. But I see more potential in the future -
e.g. we tests with weird / insane chunked transfer encoding, which
might be sanitized by a future MHD change.

Regards, Tim

On 10/25/19 10:56 AM, Christian Grothoff wrote:
> Hi Tim,
> I didn't realize this was wget-*testing* related.
> For your use-case, I agree that having an equivalent of the
> can set a "-1" to "allow application to break the protocol" could be
> reasonable.
> I'd prefer having such a more "generic" option over a specific one to
> just disable header checks. Alternatively, we could define a bit-field
> option SANITY_CHECK to just disable certain sanity checks. WDYT?
> Happy hacking!
> -Christian
> On 10/25/19 9:48 AM, Tim Rühsen wrote:
>> Hi Christian,
>> for Wget2 we have to test and prepare for all kinds of malicious and
>> misconfigured / misbehaving servers. So what you call a new feature is
>> from our point of view a regression, since it breaks tests.
>> Of course I understand your intention. But maybe we can have both by
>> adding a new option to switch off the Content-Type checks ?
>> Or a more general approach - a HEADER_CHECKS_OFF mode that make MHD just
>> being "dumb" ?
>> Regards, Tim
>> On 10/24/19 7:42 PM, Christian Grothoff wrote:
>>> Hi!
>>> The MHD documentation explicitly says that MHD does NOT allow the
>>> application to set the content-length header at all. You're likely
>>> ignoring an error code you are getting back from the library when trying
>>> to set the content-length header.
>>> Also, not allowing applications to break the HTTP protocol is a feature,
>>> not a bug. (That feature was indeed introduced around the versions you
>>> mention ;-).)
>>> Happy hacking!
>>> Christian
>>> On 10/24/19 6:25 PM, Archit Pandey wrote:
>>>> Hello all,
>>>> I'm working on the test-suite of wget2 that uses libmicrohttpd.
>>>> I've noticed that on v0.9.66 MHD when I try setting an arbitrary value
>>>> for Content-Length in the HTTP header, MHD changes it to the correct
>>>> value. This behavior is not present on 0.9.59. Additionally, I could not
>>>> find an option to revert to the previous behavior.
>>>> Could this be a possible bug?
>>>> -- 
>>>> Archit Pandey
>>>> Junior Year B.Tech.
>>>> Department of Computer Science and Engineering
>>>> National Institute of Technology Karnataka
>>>> Surathkal, India

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]