We have been working on a little proxy server that sits between a
browser and a backend data server. We take an incoming HTTP request
from the browser (type HttpRequest) and copy them into a new proxy
HTTP Request (also type HttpRequest). We use Apache HTTP Client within
our server to send the new proxy HTTP Request to the remote server.
Our code currently blindly copies the incoming browser request's
headers into the headers of the outgoing proxy request. On
content-enclosing requests, this leads to an unexpected exception for
PUT and POST requests:
org.apache.http.ProtocolException: Content-Length header already present
We stepped through the code and realized that the error happens in
org.apache.http.protocol.RequestContent#process. The stanza that
throws the exception is this one:
if (request instanceof HttpEntityEnclosingRequest) {
// ...
if (request.containsHeader(HTTP.CONTENT_LEN)) {
throw new ProtocolException("Content-Length header already
present");
}
It appears like the RequestContent wants to set the request's
Content-Length header itself based on the contents of its entity. But
we're setting it at the request level because we're acting as a
transparent proxy and the browser already told us what the
content-length was.
So I understand the rationale but it almost feels like you're being
too paranoid and penalizing code that knows what it's doing. For now
we'll just remove all of the headers that RequestContent doesn't seem
to like, but it seems wrong that we have to read the code to
understand what's allowed and not allowed.
Here's what we'd prefer (in order of preference):
1) If you can compute the length of the entity within Java code, just
overwrite whatever's on the incoming request
2) Trust the content-length a client sends in
3) Document that you're not supposed to set the content-length at the
request level when using HttpClient
Please let me know what you think - maybe I'm missing something (it
wouldn't be the first time).
--
- Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
