Support all three HTTP body kinds

hjr3 / weldr

A HTTP 1.1 proxy written in Rust using tokio.

Apache License 2.0

217 stars 20 forks source link

Support all three HTTP body kinds #43

Closed hjr3 closed 7 years ago

hjr3 commented 7 years ago

Chunked transfer decoder now parses body to ensure we read only the correct amount.
If no content length header or chunked transfer header is specified, the body will default to the UntilClose codec.

TODO:

[x] finish request body
[x] add UntilClose tests

hjr3 commented 7 years ago

@yanns I think we are pretty close here.

tailhook commented 7 years ago

Should chunked encoding have a higher priority as the content length header?

Take a look here: http://httpwg.org/specs/rfc7230.html#message.body.length

Also, note that this implementation ignores duplicate content-length. And it's common attack vector for request smuggling.

yanns commented 7 years ago

@tailhook thx, very good doc.

If a message is received with both a Transfer-Encoding and a Content-Length header field, the Transfer-Encoding overrides the Content-Length.

In general we have some work to do to be conform... 😉

hjr3 commented 7 years ago

Thank you for the note @tailhook. We are definitely not conforming to the spec. Much of the work has been trying to get parsing working within the tokio framework.

I created https://github.com/hjr3/alacrity/issues/44 and https://github.com/hjr3/alacrity/issues/45 to track these two issues.