[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] Cannot set Content-Length in header
From: |
Christian Grothoff |
Subject: |
Re: [libmicrohttpd] Cannot set Content-Length in header |
Date: |
Fri, 25 Oct 2019 14:46:54 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 |
Hi Tim,
In Git head, you can now do:
MHD_set_response_options (response,
MHD_RF_INSANITY_HEADER_CONTENT_LENGTH,
MHD_RO_END);
*before* calling MHD_add_response_header() to get your desired insanity ;-).
Test for MHD_VERSION 0x00096702.
Happy hacking!
Christian
On 10/25/19 11:40 AM, Tim Rühsen wrote:
> Hi Christian,
>
>> Alternatively, we could define a bit-field
>> option SANITY_CHECK to just disable certain sanity checks. WDYT?
>
> I like this better since we can have an easy start and slowly evolve it
> with more flags / bits, as the need arises.
>
> Currently, the wget test suite only needs a flag to switch off the
> Content-Length sanity checks. But I see more potential in the future -
> e.g. we tests with weird / insane chunked transfer encoding, which
> might be sanitized by a future MHD change.
>
> Regards, Tim
>
> On 10/25/19 10:56 AM, Christian Grothoff wrote:
>> Hi Tim,
>>
>> I didn't realize this was wget-*testing* related.
>>
>> For your use-case, I agree that having an equivalent of the
>> MHD_OPTION_STRICT_FOR_CLIENT like MHD_OPTION_STRICT_FOR_SERVER where you
>> can set a "-1" to "allow application to break the protocol" could be
>> reasonable.
>>
>> I'd prefer having such a more "generic" option over a specific one to
>> just disable header checks. Alternatively, we could define a bit-field
>> option SANITY_CHECK to just disable certain sanity checks. WDYT?
>>
>> Happy hacking!
>>
>> -Christian
>>
>> On 10/25/19 9:48 AM, Tim Rühsen wrote:
>>> Hi Christian,
>>>
>>> for Wget2 we have to test and prepare for all kinds of malicious and
>>> misconfigured / misbehaving servers. So what you call a new feature is
>>> from our point of view a regression, since it breaks tests.
>>>
>>> Of course I understand your intention. But maybe we can have both by
>>> adding a new option to switch off the Content-Type checks ?
>>> Or a more general approach - a HEADER_CHECKS_OFF mode that make MHD just
>>> being "dumb" ?
>>>
>>> Regards, Tim
>>>
>>> On 10/24/19 7:42 PM, Christian Grothoff wrote:
>>>> Hi!
>>>>
>>>> The MHD documentation explicitly says that MHD does NOT allow the
>>>> application to set the content-length header at all. You're likely
>>>> ignoring an error code you are getting back from the library when trying
>>>> to set the content-length header.
>>>>
>>>> Also, not allowing applications to break the HTTP protocol is a feature,
>>>> not a bug. (That feature was indeed introduced around the versions you
>>>> mention ;-).)
>>>>
>>>> Happy hacking!
>>>>
>>>> Christian
>>>>
>>>> On 10/24/19 6:25 PM, Archit Pandey wrote:
>>>>> Hello all,
>>>>>
>>>>> I'm working on the test-suite of wget2 that uses libmicrohttpd.
>>>>>
>>>>> I've noticed that on v0.9.66 MHD when I try setting an arbitrary value
>>>>> for Content-Length in the HTTP header, MHD changes it to the correct
>>>>> value. This behavior is not present on 0.9.59. Additionally, I could not
>>>>> find an option to revert to the previous behavior.
>>>>>
>>>>> Could this be a possible bug?
>>>>>
>>>>> --
>>>>> Archit Pandey
>>>>> Junior Year B.Tech.
>>>>> Department of Computer Science and Engineering
>>>>> National Institute of Technology Karnataka
>>>>> Surathkal, India
>>>>
>>>
>>
>
signature.asc
Description: OpenPGP digital signature