Closed kenballus closed 3 months ago
Yes, any incomplete chunked message is forwarded as such. For what it's worth, backend answers immediately with 400. Checked with apache2.
Apache is responding 400 because the example request I sent didn't have a Host header. If you add a Host header, then Apache will time out.
But to be clear, it's not a problem if incomplete message bodies are forwarded. The issue is that invalid message bodies are not rejected. The message body above contains an invalid chunk, so it should definitely get a 400 from Pound.
Pound is the only HTTP server I know of that accepts the above request.
All of the following either reject the request with 400 or time out:
aiohttp, apache, cheroot, daphne, deno, fasthttp, go net/http, gunicorn, h2o, haproxy, hyper, hypercorn, jetty, libevent, libsoup, lighttpd, mongoose, netty, nginx, nodejs, openlitespeed, passenger, tomcat, tornado, uhttpd, unicorn, uvicorn, waitress, webrick, werkzeug, openbsd httpd, apache traffic server, nghttpx, squid, varnish, akamai, aws cloudfront, cloudflare, fastly, google classic app. LB, Envoy, and relayd.
> Apache is responding 400 because the example request I sent didn't have a Host header. If you add a Host header, then Apache will time out.
It goes without saying that I added the Host header before trying out the request.
> It goes without saying that I added the Host header before trying out the request.
Just making sure.
Apache will 400 if the sender half-closes the TCP connection. Otherwise, it waits for the sender to send the rest of the request.
When Pound receives a request with the Transfer-Encoding: chunked header and a malformed message body, Pound forwards that request without its message body. To see this for yourself, send Pound the following request:
It should forward something like this:
This forwarded message is incomplete, and will almost certainly cause the backend to time out while it waits for the message body to arrive.
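The distinction drawn in this thread, between an incomplete chunked body (acceptable to wait on or forward) and an invalid one (which should get a 400), shown as an added example that is not part of the original issue and is not Pound's code. The names `check_chunked` and `chunk_verdict` are hypothetical, the sample bodies are constructed, and the example assumes chunk extensions and trailer fields are rejected rather than parsed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum chunk_verdict { CHUNK_COMPLETE, CHUNK_INCOMPLETE, CHUNK_INVALID };

static int hexval(unsigned char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Consume CRLF at buf[*i]. Running out of bytes is INCOMPLETE; a wrong byte is INVALID. */
static enum chunk_verdict expect_crlf(const char *buf, size_t len, size_t *i) {
    if (*i >= len) return CHUNK_INCOMPLETE;
    if (buf[*i] != '\r') return CHUNK_INVALID;
    if (*i + 1 >= len) return CHUNK_INCOMPLETE;
    if (buf[*i + 1] != '\n') return CHUNK_INVALID;
    *i += 2;
    return CHUNK_COMPLETE;
}

/* Strict check of the bytes received so far for a chunked body.
 * Assumption: chunk extensions and trailer fields are rejected, not parsed. */
enum chunk_verdict check_chunked(const char *buf, size_t len) {
    size_t i = 0;
    for (;;) {
        size_t size = 0, digits = 0;
        int v = 0;
        enum chunk_verdict r;
        while (i < len && (v = hexval((unsigned char)buf[i])) >= 0) {
            if (++digits > 8) return CHUNK_INVALID;  /* example's cap; avoids overflow */
            size = size * 16 + (size_t)v;
            i++;
        }
        if (digits == 0 && i < len) return CHUNK_INVALID;  /* size must be bare hex */
        if ((r = expect_crlf(buf, len, &i)) != CHUNK_COMPLETE) return r;
        if (size == 0) return expect_crlf(buf, len, &i);   /* last-chunk + final CRLF */
        if (len - i < size) return CHUNK_INCOMPLETE;       /* chunk data still in flight */
        i += size;
        if ((r = expect_crlf(buf, len, &i)) != CHUNK_COMPLETE) return r;
    }
}

int main(void) {
    /* Constructed sample bodies, not taken from the issue. */
    const char *s[] = { "5\r\nhello\r\n0\r\n\r\n", "5\r\nhel", "5\r\nhelloXX0\r\n\r\n" };
    for (size_t k = 0; k < 3; k++)
        printf("%d\n", (int)check_chunked(s[k], strlen(s[k])));
    return 0;
}
```

A proxy using a check like this would answer 400 on `CHUNK_INVALID` and keep reading (subject to its timeout) on `CHUNK_INCOMPLETE`, instead of forwarding the header block alone.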