[
https://issues.apache.org/jira/browse/TS-2902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14098354#comment-14098354
]
Masakazu Kitajo commented on TS-2902:
-------------------------------------
Well, RFC2616 said that.
http://tools.ietf.org/html/rfc2616#section-4.4
{quote}
For compatibility with HTTP/1.0 applications, HTTP/1.1 requests
containing a message-body MUST include a valid Content-Length header
field unless the server is known to be HTTP/1.1 compliant. If a
request contains a message-body and a Content-Length is not given,
the server SHOULD respond with 400 (bad request) if it cannot
determine the length of the message, or with 411 (length required) if
it wishes to insist on receiving a valid Content-Length.
{quote}
Okey, 411 seems to be a optional way.
But RFC7230 says,
http://tools.ietf.org/html/rfc7230#section-3.3.3
{quote}
A user agent that sends a request containing a message body MUST send
a valid Content-Length header field if it does not know the server
will handle HTTP/1.1 (or later) requests; such knowledge can be in
the form of specific user configuration or by remembering the version
of a prior received response.
{quote}
Now this is the MUST case. It implicitly says posterior requests might not
contain Content-Length headers.
So my understanding is: HTTP/1.1 request without Content-Length is valid
request.
> Allow POST requests without a Content-Length header
> ---------------------------------------------------
>
> Key: TS-2902
> URL: https://issues.apache.org/jira/browse/TS-2902
> Project: Traffic Server
> Issue Type: Improvement
> Reporter: Masakazu Kitajo
> Assignee: Bryan Call
> Labels: review
> Fix For: 5.1.0
>
> Attachments: make_it_configuarable.patch
>
>
> I get "*400* Content Length Required" when user agents send a POST request
> that doesn't contain any body data without a Content-Length header.
> (The header is omitted because the length is zero, I think)
> According to RFC2730 Section 3.3.2, presence of Content-Length is not MUST.
> http://tools.ietf.org/html/rfc7230#section-3.3.2
> {quote}
> A user agent SHOULD send a Content-Length in a request message when
> no Transfer-Encoding is sent and the request method defines a meaning
> for an enclosed payload body.
> {quote}
> Also according to section 3.3.3, a server are allowed to reject similar
> request with 411 Length Required, but not *400*.
> http://tools.ietf.org/html/rfc7230#section-3.3.2
> {quote}
> A server MAY reject a request that contains a message body but not a
> Content-Length by responding with 411 (Length Required).
> {quote}
> Traffic Server should accept the requests, no body data without
> Content-Length header, or reject it with *411*. I think the former one is
> better for interoperability.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
