You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Marc Slemko <ma...@znep.com> on 1999/11/06 07:31:15 UTC

bug in chunked encoding on HEADs

Due to the following code (XXXs added):

    if ((r->connection->keepalive != -1) &&
        ((r->status == HTTP_NOT_MODIFIED) ||
         (r->status == HTTP_NO_CONTENT) ||
         r->header_only || /* XXX */
         ap_table_get(r->headers_out, "Content-Length") ||
         ap_find_last_token(r->pool,
                         ap_table_get(r->headers_out, "Transfer-Encoding"),
                         "chunked") ||
         ((r->proto_num >= HTTP_VERSION(1,1)) &&
          (r->chunked = 1))) && /* XXX */ /* THIS CODE IS CORRECT, see comment above. */
        r->server->keep_alive &&
        (r->server->keep_alive_timeout > 0) &&
        ((r->server->keep_alive_max == 0) ||
         (r->server->keep_alive_max > r->connection->keepalives)) &&
        !ap_status_drops_connection(r->status) &&
        !wimpy &&
        !ap_find_token(r->pool, conn, "close") &&
        (!ap_table_get(r->subprocess_env, "nokeepalive") ||
         ap_table_get(r->headers_in, "Via")) &&
        ((ka_sent = ap_find_token(r->pool, conn, "keep-alive")) ||
         (r->proto_num >= HTTP_VERSION(1,1)))
       ) {

...if r->header_only is true, then the side-effect to enable chunked 
encoding will never be evaluated.  This means that a GET and a HEAD
return different headers, which isn't deadly but isn't great.

How about we move the r->header_only part to after the chunked side
effect?  The order of the terms in this section can not matter, by
definition, except for the one involving the side effect and only the
header_only part should change between HEAD and GET requests, so as long
as the side effect is before the header_only it should be ok.

Re: bug in chunked encoding on HEADs

Posted by Dean Gaudet <dg...@arctic.org>.

+1

On Fri, 5 Nov 1999, Marc Slemko wrote:

> Due to the following code (XXXs added):
> 
>     if ((r->connection->keepalive != -1) &&
>         ((r->status == HTTP_NOT_MODIFIED) ||
>          (r->status == HTTP_NO_CONTENT) ||
>          r->header_only || /* XXX */
>          ap_table_get(r->headers_out, "Content-Length") ||
>          ap_find_last_token(r->pool,
>                          ap_table_get(r->headers_out, "Transfer-Encoding"),
>                          "chunked") ||
>          ((r->proto_num >= HTTP_VERSION(1,1)) &&
>           (r->chunked = 1))) && /* XXX */ /* THIS CODE IS CORRECT, see comment above. */
>         r->server->keep_alive &&
>         (r->server->keep_alive_timeout > 0) &&
>         ((r->server->keep_alive_max == 0) ||
>          (r->server->keep_alive_max > r->connection->keepalives)) &&
>         !ap_status_drops_connection(r->status) &&
>         !wimpy &&
>         !ap_find_token(r->pool, conn, "close") &&
>         (!ap_table_get(r->subprocess_env, "nokeepalive") ||
>          ap_table_get(r->headers_in, "Via")) &&
>         ((ka_sent = ap_find_token(r->pool, conn, "keep-alive")) ||
>          (r->proto_num >= HTTP_VERSION(1,1)))
>        ) {
> 
> ...if r->header_only is true, then the side-effect to enable chunked 
> encoding will never be evaluated.  This means that a GET and a HEAD
> return different headers, which isn't deadly but isn't great.
> 
> How about we move the r->header_only part to after the chunked side
> effect?  The order of the terms in this section can not matter, by
> definition, except for the one involving the side effect and only the
> header_only part should change between HEAD and GET requests, so as long
> as the side effect is before the header_only it should be ok.
> 
>