httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roy T. Fielding <field...@gbiv.com>
Subject Re: POST without Content-Length
Date Sat, 07 Aug 2004 22:41:35 GMT
>>> A CGI script therefore should never trust Content-Length, but just 
>>> read
>>> stdin until it meets an EOF.
>>
>> That is well-known to fail in CGI.  A CGI must use Content-Length.
>
> Hmm. any pointers where this is specified? I didn't have any problems 
> with
> this until now - but in trusting the C-L variable.

CGI doesn't require standard input to be closed by the server -- Apache
just happens to do that for the sake of old scripts that used fgets to
read line-by-line.  Other servers do things differently, which is why
reading til EOF does not work across platforms.

....Roy


Mime
View raw message