[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libmicrohttpd] Cannot set Content-Length in header

From: Christian Grothoff
Subject: Re: [libmicrohttpd] Cannot set Content-Length in header
Date: Fri, 25 Oct 2019 14:46:54 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0

Hi Tim,

In Git head, you can now do:

MHD_set_response_options (response,

*before* calling MHD_add_response_header() to get your desired insanity ;-).

Test for MHD_VERSION 0x00096702.

Happy hacking!


On 10/25/19 11:40 AM, Tim Rühsen wrote:
> Hi Christian,
>> Alternatively, we could define a bit-field
>> option SANITY_CHECK to just disable certain sanity checks. WDYT?
> I like this better since we can have an easy start and slowly evolve it
> with more flags / bits, as the need arises.
> Currently, the wget test suite only needs a flag to switch off the
> Content-Length sanity checks. But I see more potential in the future -
> e.g. we tests with weird / insane chunked transfer encoding, which
> might be sanitized by a future MHD change.
> Regards, Tim
> On 10/25/19 10:56 AM, Christian Grothoff wrote:
>> Hi Tim,
>> I didn't realize this was wget-*testing* related.
>> For your use-case, I agree that having an equivalent of the
>> can set a "-1" to "allow application to break the protocol" could be
>> reasonable.
>> I'd prefer having such a more "generic" option over a specific one to
>> just disable header checks. Alternatively, we could define a bit-field
>> option SANITY_CHECK to just disable certain sanity checks. WDYT?
>> Happy hacking!
>> -Christian
>> On 10/25/19 9:48 AM, Tim Rühsen wrote:
>>> Hi Christian,
>>> for Wget2 we have to test and prepare for all kinds of malicious and
>>> misconfigured / misbehaving servers. So what you call a new feature is
>>> from our point of view a regression, since it breaks tests.
>>> Of course I understand your intention. But maybe we can have both by
>>> adding a new option to switch off the Content-Type checks ?
>>> Or a more general approach - a HEADER_CHECKS_OFF mode that make MHD just
>>> being "dumb" ?
>>> Regards, Tim
>>> On 10/24/19 7:42 PM, Christian Grothoff wrote:
>>>> Hi!
>>>> The MHD documentation explicitly says that MHD does NOT allow the
>>>> application to set the content-length header at all. You're likely
>>>> ignoring an error code you are getting back from the library when trying
>>>> to set the content-length header.
>>>> Also, not allowing applications to break the HTTP protocol is a feature,
>>>> not a bug. (That feature was indeed introduced around the versions you
>>>> mention ;-).)
>>>> Happy hacking!
>>>> Christian
>>>> On 10/24/19 6:25 PM, Archit Pandey wrote:
>>>>> Hello all,
>>>>> I'm working on the test-suite of wget2 that uses libmicrohttpd.
>>>>> I've noticed that on v0.9.66 MHD when I try setting an arbitrary value
>>>>> for Content-Length in the HTTP header, MHD changes it to the correct
>>>>> value. This behavior is not present on 0.9.59. Additionally, I could not
>>>>> find an option to revert to the previous behavior.
>>>>> Could this be a possible bug?
>>>>> -- 
>>>>> Archit Pandey
>>>>> Junior Year B.Tech.
>>>>> Department of Computer Science and Engineering
>>>>> National Institute of Technology Karnataka
>>>>> Surathkal, India

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]