hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oleg Kalnichevski <ol...@apache.org>
Subject Re: Surprising ProtocolException due to having already set Content-Length header
Date Sat, 23 Aug 2008 09:51:01 GMT
On Fri, 2008-08-22 at 18:01 -0400, Bill Higgins wrote:
> We have been working on a little proxy server that sits between a
> browser and a backend data server. We take an incoming HTTP request
> from the browser (type HttpRequest) and copy them into a new proxy
> HTTP Request (also type HttpRequest). We use Apache HTTP Client within
> our server to send the new proxy HTTP Request to the remote server.
> 
> Our code currently blindly copies the incoming browser request's
> headers into the headers of the outgoing proxy request. On
> content-enclosing requests, this leads to an unexpected exception for
> PUT and POST requests:
> 
>     org.apache.http.ProtocolException: Content-Length header already present
> 
> We stepped through the code and realized that the error happens in
> org.apache.http.protocol.RequestContent#process. The stanza that
> throws the exception is this one:
> 
>     if (request instanceof HttpEntityEnclosingRequest) {
>         // ...
>         if (request.containsHeader(HTTP.CONTENT_LEN)) {
>             throw new ProtocolException("Content-Length header already
> present");
>         }
> 
> It appears like the RequestContent wants to set the request's
> Content-Length header itself based on the contents of its entity. But
> we're setting it at the request level because we're acting as a
> transparent proxy and the browser already told us what the
> content-length was.
> 
> So I understand the rationale but it almost feels like you're being
> too paranoid and penalizing code that knows what it's doing. For now
> we'll just remove all of the headers that RequestContent doesn't seem
> to like, but it seems wrong that we have to read the code to
> understand what's allowed and not allowed.
> 
> Here's what we'd prefer (in order of preference):
> 1) If you can compute the length of the entity within Java code, just
> overwrite whatever's on the incoming request
> 2) Trust the content-length a client sends in
> 3) Document that you're not supposed to set the content-length at the
> request level when using HttpClient
> 
> Please let me know what you think - maybe I'm missing something (it
> wouldn't be the first time).
> 

Bill,

Well behaved proxies should handle so called hop by hop headers with
care and certainly must not blindly send them to the next hop. See
section 13.5.4

http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html

It is strongly advised to remove hop by hop headers and let HttpClient
re-generate them based on the composition of the request. Sometime proxy
may need to downgrade from HTTP/1.1 to HTTP/1.0 or visa versa. In this
case, for instance, HttpClient will automatically convert chunk-coded
entities to content-length delimited or the other way around.

Alternatively, just plug in a custom version of RequestContent
interceptor.

Hope this helps

Oleg





---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message