httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject Re: protocol/1399: MISE 4.0 POST, then 401 Unauth, then second POST with good uname/pwd, garbage data in logs and (sometimes) garbled request (fwd)
Date Wed, 12 Nov 1997 01:58:25 GMT
Nyet, not in 1.3.

Not in my tree anyway.


  *) API: In HTTP/1.1, whether or not a request message contains a body
     is independent of the request method and based solely on the presence
     of a Content-Length or Transfer-Encoding.  Therefore, our default
     handlers need to be prepared to read a body even if they don't know
     what to do with it; otherwise, the body would be mistaken for the
     next request on a persistent connection.  discard_request_body()
     has been added to take care of that.  [Roy Fielding] PR#378

is related, however the problem is that discard_request_body isn't being
called everywhere it is necessary.  It is not yet clear to me if it can be
added easily, or if we have to force a connection close.  The problem is
that certain things can only be called once, and we don't necessarily know
everything that modules are doing.

On Tue, 11 Nov 1997, Dean Gaudet wrote:

> Is this fixed in the 1.2.5 sources already in the tree?  'cause this
> sounds like a bug that Roy fixed.  Roy's fix is in 1.3 as well. 
> Dean
> On Tue, 11 Nov 1997, Marc Slemko wrote:
> > On Tue, 11 Nov 1997, Marc Slemko wrote:
> > 
> > > Hmm.  Apache isn't eating the request body when it returns a 401, causing
> > > the below problem...
> > 
> > Ok, the reason that this is only a problem with HTTP/1.1 is that
> > in HTTP/1.0 we don't have a content-length for the body of the 401,
> > so the logic closes the connection.  In HTTP/1.1, it is chunked so
> > we don't close it, so we end up reading the POST body as part of the
> > next request.
> > 
> > 

View raw message