httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Kratochvil <rcpt-dev.AT.httpd.apache....@jankratochvil.net>
Subject Re: POST without Content-Length
Date Sun, 08 Aug 2004 06:57:13 GMT
Hi,

On Sun, 08 Aug 2004 00:07:24 +0200, Roy T. Fielding wrote:
...
> An HTTP request with no content-length and no tranfer-encoding has no body,
> period:

OK. Now just a question whether to not to implement HTTP-request sanity check
as is implemented in squid clientCheckContentLength():

	PUT+POST:
		require a request entity: HTTP_LENGTH_REQUIRED = 411
	GET+HEAD:
		forbid a request entity if !$request_entities: HTTP_LENGTH_REQUIRED = 411

	configurable $request_entities:
		allow GET/HEAD requests with request entities, even if such
		entites are "undefined" in the HTTP specification.

Unfortunately there is no HTTP specification which methods
MUST/MUST NOT/etc. (RFC 2119) include HTTP request bodies.


Lace

-- 
Jan Kratochvil; Captive: free r/w NTFS Filesystem; http://www.jankratochvil.net/

Mime
View raw message