You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ma...@apache.org on 2002/01/08 16:09:49 UTC
cvs commit: apache-1.3/src/main http_protocol.c
martin 02/01/08 07:09:49
Modified: src CHANGES
src/main http_protocol.c
Log:
The 416 "range not satisfiable" response would include a
Content-Length header set to the size of the resource, but no body was
actually returned (r->header_only was set to 1). This appeared as a
premature EOF to the client.
Submitted by: Joe Orton <jo...@manyfish.co.uk>
Reviewed by: Martin Kraemer
Revision Changes Path
1.1750 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1749
retrieving revision 1.1750
diff -u -r1.1749 -r1.1750
--- CHANGES 5 Jan 2002 17:13:02 -0000 1.1749
+++ CHANGES 8 Jan 2002 15:09:48 -0000 1.1750
@@ -1,5 +1,8 @@
Changes with Apache 1.3.23
+ *) Fix incorrect "Content-Length" header in the 416 "range not
+ satisfiable" response. [Joe Orton <jo...@manyfish.co.uk>]
+
*) Add FileETag directive to control fields used when constructing
an ETag for a file-based resource. Historically the inode,
size, and mtimehave been used, but the inode factor broke
1.304 +35 -7 apache-1.3/src/main/http_protocol.c
Index: http_protocol.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_protocol.c,v
retrieving revision 1.303
retrieving revision 1.304
diff -u -r1.303 -r1.304
--- http_protocol.c 5 Jan 2002 17:13:03 -0000 1.303
+++ http_protocol.c 8 Jan 2002 15:09:48 -0000 1.304
@@ -361,6 +361,7 @@
else {
ap_table_setn(r->headers_out, "Content-Range",
ap_psprintf(r->pool, "bytes */%ld", r->clength));
+ ap_set_content_length(r, 0);
r->boundary = NULL;
r->range = range;
r->header_only = 1;
@@ -1040,16 +1041,43 @@
r->protocol = ap_pstrdup(r->pool, "HTTP/1.0");
return 0;
}
-
r->assbackwards = (ll[0] == '\0');
r->protocol = ap_pstrdup(r->pool, ll[0] ? ll : "HTTP/0.9");
- if (2 == sscanf(r->protocol, "HTTP/%u.%u", &major, &minor)
- && minor < HTTP_VERSION(1,0)) /* don't allow HTTP/0.1000 */
- r->proto_num = HTTP_VERSION(major, minor);
- else
- r->proto_num = HTTP_VERSION(1,0);
-
+ /* The following test tries to skip past the "HTTP/nn.mm"
+ * protocol string, collecting major=nn and minor=mm.
+ * ll is advanced past "HTTP/nn.mm" so that it can be checked
+ * for proper string termination (only valid chars: \r\n).
+ */
+ if (memcmp(ll,"HTTP/",5) == 0 && isdigit(ll[5])) {
+
+ /* Read major protocol level: */
+ major = strtol(&ll[5], &ll, 10);
+ if (errno != ERANGE && ll[0] == '/' && isdigit(ll[1])) {
+
+ /* Read minor protocol level: */
+ minor = strtol(&ll[1], &ll, 10);
+
+ if (errno != ERANGE) {
+ if (minor < HTTP_VERSION(1,0)) /* don't allow HTTP/0.1000 */
+ r->proto_num = HTTP_VERSION(major, minor);
+ else
+ r->proto_num = HTTP_VERSION(1,0);
+ }
+ }
+ }
+ /* If the request does not end after the "HTTP/x.y\r\n" (or after the
+ * URI in HTTP/0.9), then signal an error condition [400 Bad Request].
+ */
+ if (ll[strspn(ll," \r\n")] != '\0') {
+ ap_table_setn(r->notes, "error-notes",
+ "Request line not ending properly after \"HTTP/x.y\":"
+ "<PRE>\n", ap_escape_html(r->pool, r->protocol), "</PRE>");
+ r->status = HTTP_BAD_REQUEST;
+ r->proto_num = HTTP_VERSION(1,0);
+ r->protocol = ap_pstrdup(r->pool, "HTTP/1.0");
+ return 0;
+ }
return 1;
}
Re: cvs commit: apache-1.3/src/main http_protocol.c
Posted by Martin Kraemer <Ma...@Fujitsu-Siemens.com>.
On Tue, Jan 08, 2002 at 03:09:49PM -0000, martin@apache.org wrote:
> -
> r->assbackwards = (ll[0] == '\0');
> r->protocol = ap_pstrdup(r->pool, ll[0] ? ll : "HTTP/0.9");
>
> - if (2 == sscanf(r->protocol, "HTTP/%u.%u", &major, &minor)
> - && minor < HTTP_VERSION(1,0)) /* don't allow HTTP/0.1000 */
> - r->proto_num = HTTP_VERSION(major, minor);
> - else
> - r->proto_num = HTTP_VERSION(1,0);
> -
> + /* The following test tries to skip past the "HTTP/nn.mm"
> + * protocol string, collecting major=nn and minor=mm.
> + * ll is advanced past "HTTP/nn.mm" so that it can be checked
> + * for proper string termination (only valid chars: \r\n).
> + */
> + if (memcmp(ll,"HTTP/",5) == 0 && isdigit(ll[5])) {
> +
> + /* Read major protocol level: */
...
Uuh. That was a mistake. I did not mean to commit this part.
Undoing in a second.
Martin
--
<Ma...@Fujitsu-Siemens.com> | Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730 Munich, Germany