I'll reply to myself after thinking about it a bit. I forgot to
mention that the original source of the HTTP requests is the servlet
API where all headers are just headers. I wonder if HttpCore
differentiates between message headers and entity headers and maybe
that's what we need to do to correct the HttpRequest objects in a way
that HttpCore expects.
On Fri, Aug 22, 2008 at 6:01 PM, Bill Higgins <[EMAIL PROTECTED]> wrote:
> We have been working on a little proxy server that sits between a
> browser and a backend data server. We take an incoming HTTP request
> from the browser (type HttpRequest) and copy them into a new proxy
> HTTP Request (also type HttpRequest). We use Apache HTTP Client within
> our server to send the new proxy HTTP Request to the remote server.
>
> Our code currently blindly copies the incoming browser request's
> headers into the headers of the outgoing proxy request. On
> content-enclosing requests, this leads to an unexpected exception for
> PUT and POST requests:
>
> org.apache.http.ProtocolException: Content-Length header already present
>
> We stepped through the code and realized that the error happens in
> org.apache.http.protocol.RequestContent#process. The stanza that
> throws the exception is this one:
>
> if (request instanceof HttpEntityEnclosingRequest) {
> // ...
> if (request.containsHeader(HTTP.CONTENT_LEN)) {
> throw new ProtocolException("Content-Length header already
> present");
> }
>
> It appears like the RequestContent wants to set the request's
> Content-Length header itself based on the contents of its entity. But
> we're setting it at the request level because we're acting as a
> transparent proxy and the browser already told us what the
> content-length was.
>
> So I understand the rationale but it almost feels like you're being
> too paranoid and penalizing code that knows what it's doing. For now
> we'll just remove all of the headers that RequestContent doesn't seem
> to like, but it seems wrong that we have to read the code to
> understand what's allowed and not allowed.
>
> Here's what we'd prefer (in order of preference):
> 1) If you can compute the length of the entity within Java code, just
> overwrite whatever's on the incoming request
> 2) Trust the content-length a client sends in
> 3) Document that you're not supposed to set the content-length at the
> request level when using HttpClient
>
> Please let me know what you think - maybe I'm missing something (it
> wouldn't be the first time).
>
> --
>
> - Bill
>
--
- Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
