Nexus not supporting http negative range or supporting it incorrectly (Range: bytes=-10000)

[matejsp]

• What problem are you trying to solve? When migrating to latest poetry 1.8.0 there is an issue with nexus returning 404 instead of range not supported for negative ranges.

https://github.com/python-poetry/poetry/issues/9033

curl -v -H "Range: bytes=-10000" https://myuser:mypass@nexus.mycompany.net/repository/pypi-blessed/packages/mccabe/0.7.0/mccabe-0.7.0-py2.py3-none-any.whl\#sha256\=3259e7631b90a2a25934467501437109b9bead9db61aedf3539e79873759a6c0   
*   Trying x.x.x.x:443...
* using HTTP/1.1
* Server auth using Basic with user 'bitstamp'
> GET /repository/pypi-blessed/packages/mccabe/0.7.0/mccabe-0.7.0-py2.py3-none-any.whl HTTP/1.1
> Host: nexus.mycompany.net
> Authorization: Basic XXXXXXXXXXXXXXXXXXXX=
> User-Agent: curl/8.4.0
> Accept: */*
> Range: bytes=-10000
> 
< HTTP/1.1 404 Not Found
< Server: nginx/1.24.0
< Date: Mon, 26 Feb 2024 12:04:24 GMT
< Content-Type: text/html
< Content-Length: 1824
< Connection: keep-alive
< X-Content-Type-Options: nosniff
< Content-Security-Policy: sandbox allow-forms allow-modals allow-popups allow-presentation allow-scripts allow-top-navigation
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY

curl -v -H "Range: bytes=0-100" https://myuser:mypass@nexus.mycompany.net/repository/pypi-blessed/packages/mccabe/0.7.0/mccabe-0.7.0-py2.py3-none-any.whl\#sha256\=3259e7631b90a2a25934467501437109b9bead9db61aedf3539e79873759a6c0   

< HTTP/1.1 206 Partial Content
< Server: nginx/1.24.0
< Date: Mon, 26 Feb 2024 12:10:20 GMT
< Content-Type: application/zip
< Content-Length: 101
< Connection: keep-alive
< X-Content-Type-Options: nosniff
< Content-Security-Policy: sandbox allow-forms allow-modals allow-popups allow-presentation allow-scripts allow-top-navigation
< X-XSS-Protection: 1; mode=block
< Content-Range: bytes 0-100/7348
< Last-Modified: Mon, 13 Jun 2022 13:35:05 GMT
< ETag: "{SHA1{6e0fd745753c9ec01a68b98e738da71382411d32}}"

• Do you have a workaround you are using at present? They implemented a workaround to fallback in case any http error is returned (404).

• What feature or behavior is this required for? To optimize dependency resolving by not needed to download whole content.

• How could we solve this issue? (Not knowing is okay!) Support negative range or return correct http error code. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Range 416 Range Not Satisfiable error.

• Tell us about your Nexus Repository deployment: what version, operating system, and database are you using? Sonatype Nexus RepositoryOSS 3.52.0-01

• Anything else? /

[nblair]

Thanks for opening an issue @matejsp - sounds like a curious edge case we weren't aware of. It looks like there is a workaround provided in the poetry client for now, did I read the linked ticket correctly?