bneradt commented on issue #12875:
URL:
https://github.com/apache/trafficserver/issues/12875#issuecomment-3893605829
I reproduced this by hand on the CI. I notice the following in the client
and server output:
```
POST /api/data HTTP/1.1
host: request-block.example.com
content-type: application/xml+plus_other_stuff
content-length: 49
uuid: request-block-test
[DEBUG]: Sent 49 byte body [CL] for key request-block-test:
<?xml version="1.0"?><!ENTITY xxe SYSTEM "file:">
[DEBUG]: Reading response header.
[DEBUG]: Received an HTTP/1 200 response for key request-block-test
with headers:
HTTP/1.1 200 OK
content-length: 2
Date: Thu, 12 Feb 2026 21:48:11 GMT
Age: 0
Connection: keep-alive
Server: ATS/10.2.0
[ERROR]: HTTP/1 Status Violation: expected 502 got 200, key:
request-block-test
```
On the server side:
```
[DEBUG]: Received an HTTP/1 request with key request-block-test:
POST /api/data HTTP/1.1
host: 127.0.0.1:61000
content-type: application/xml+plus_other_stuff
content-length: 0
uuid: request-block-test
Client-ip: 127.0.0.1
X-Forwarded-For: 127.0.0.1
Via: http/1.1 traffic_server[0add41da-2222-4448-bdd4-3f0273809b48]
(ApacheTrafficServer/10.2.0)
[DEBUG]: Received (with headers) an HTTP/1 body of 0 bytes for key
request-block-test with content:
[DEBUG]: Request with key request-block-test passed validation.
[DEBUG]: Sent the following HTTP/1 response headers for key
request-block-test:
HTTP/1.1 200 OK
content-length: 2
[DEBUG]: Sent 2 byte body [CL] for key request-block-test:
OK
```
Notice that the server received a `content-length: 0` request.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
