colin-adams
commented
10 years ago Actually, those class names (WSF_POST/PUT_HANDLER) are imaginary. I'll put the fix in the appropriate place.
Open colin-adams opened 10 years ago
colin-adams
commented
10 years ago Actually, those class names (WSF_POST/PUT_HANDLER) are imaginary. I'll put the fix in the appropriate place.
colin-adams
commented
10 years ago The names are WSF_POST/PUT_HELPER. Actually the 411 response only applies to the lack of a Content-Length header, even if a Transfer-Encoding header is present. If a Transfer-Encoding Header is present it overrides the Content-Length anyway, and if the final encoding is not chunked, the server must reply with 400 Bad request. Perhaps {WSF_REQUEST}.read_input_data_into should check this? WSF_SKELETON_HANDLER already has a deferred routine for checking the content headers. But this is largely for checking the media type is supported (and that might be handled better by just providing a list of acceptable media types, rather than force the handler writer to write the logic each time?).
{HTTP_STATUS_CODE}.411 does not appear to have any callers (at least in the policy-driven framework). Nor does Nino's HTTP_CONSTANTS.length_required.
Probably WSF_PUT_HANDLER and WSF_POST_HANDLER should have logic to reject a request lacking both a Content-Length header and a Transfer-Encoding header.
Think about it.