Return-Path: Delivered-To: apmail-couchdb-dev-archive@www.apache.org Received: (qmail 90232 invoked from network); 4 Feb 2009 12:54:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 4 Feb 2009 12:54:30 -0000 Received: (qmail 6182 invoked by uid 500); 4 Feb 2009 12:54:22 -0000 Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org Received: (qmail 6104 invoked by uid 500); 4 Feb 2009 12:54:21 -0000 Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@couchdb.apache.org Delivered-To: mailing list dev@couchdb.apache.org Received: (qmail 6084 invoked by uid 99); 4 Feb 2009 12:54:21 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Feb 2009 04:54:21 -0800 X-ASF-Spam-Status: No, hits=-1998.5 required=10.0 tests=ALL_TRUSTED,WEIRD_PORT X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Feb 2009 12:54:20 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id BCB25234C48C for ; Wed, 4 Feb 2009 04:53:59 -0800 (PST) Message-ID: <1458203118.1233752039758.JavaMail.jira@brutus> Date: Wed, 4 Feb 2009 04:53:59 -0800 (PST) From: "Brian Candler (JIRA)" To: dev@couchdb.apache.org Subject: [jira] Created: (COUCHDB-235) Doesn't gracefully handle malformed URLs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Doesn't gracefully handle malformed URLs ---------------------------------------- Key: COUCHDB-235 URL: https://issues.apache.org/jira/browse/COUCHDB-235 Project: CouchDB Issue Type: Improvement Components: HTTP Interface Affects Versions: 0.9 Environment: CentOS 5.2, Ubuntu Hardy couchdb - Apache CouchDB 0.9.0a739811-incubating Reporter: Brian Candler Priority: Minor This one took me a while to track down, and Couchdb could have helped me more :-) If you use curl to submit a request which includes a space, couchdb drops the connection on the floor: no response whatsoever, and nothing in logs. e.g. $ curl 'http://localhost:5984/test_suite_db/_a_view/foo/bar?key="one two"' curl: (52) Empty reply from server When you check with tcpdump, it turns out that curl is not URL-encoding the space, but passing it straight through: ... 0x0030: 0e38 b57c 4745 5420 2f74 6573 745f 7375 .8.|GET./test_su 0x0040: 6974 655f 6462 2f5f 615f 7669 6577 2f66 ite_db/_a_view/f 0x0050: 6f6f 2f62 6172 3f6b 6579 3d22 6f6e 6520 oo/bar?key="one. 0x0060: 7477 6f22 2048 5454 502f 312e 310d 0a55 two".HTTP/1.1..U 0x0070: 7365 722d 4167 656e 743a 2063 7572 6c2f ser-Agent:.curl/ 0x0080: 372e 3135 2e35 2028 6936 3836 2d72 6564 7.15.5.(i686-red 0x0090: 6861 742d 6c69 6e75 782d 676e 7529 206c hat-linux-gnu).l ... This happens with both versions of curl I tried (7.15.5 from CentOS 5.2, and 7.18.0 from Ubuntu Hardy) This is arguably a bug in curl: it should either encode the space or reject the whole URL. However, I wonder if couchdb could be a little more forgiving in this case, and at least return some sort of error to the client, like a 400 Bad Request. For comparison: under the same circumstances, Apache (2.2.8) actually accepts and processes the request, just giving a 404 if the document isn't found. The BNF in RFC 2616 says: Request-Line = Method SP Request-URI SP HTTP-Version CRLF RFC 1738 says that space is unsafe, and unsafe characters MUST be encoded in URLs. So Couchdb is within its rights to reject it - it would just be helpful if it could give an error. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.