https://bugs.kde.org/show_bug.cgi?id=507523
Bug ID: 507523
Summary: GET request includes "Content-Length: 0" header
Classification: Frameworks and Libraries
Product: frameworks-kio
Version First 6.16.0
Reported In:
Platform: openSUSE
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: HTTP
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Target Milestone: ---
SUMMARY
Using KIO::storedGet sends an http request which includes the header,
"Content-Length: 0". Current RFC says that header shouldn't be sent.
STEPS TO REPRODUCE
Use whatever method you choose to observe the http request headers. One
possibility is:
$ kioclient cat https://httpbin.org/headers
OBSERVED RESULT
{
"headers": {
"Accept-Encoding": "zstd, br, gzip, deflate",
"Accept-Language": "en-US,*",
"Content-Length": "0",
"Host": "httpbin.org",
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) KIO/6.16 kioworker/6.16.0"
}
}
EXPECTED RESULT
Based on the RFC, the Content-Length header shouldn't be sent. For comparison,
curl sends:
$ curl https://httpbin.org/headers
{
"headers": {
"Accept": "*/*",
"Host": "httpbin.org",
"User-Agent": "curl/8.14.1"
}
}
SOFTWARE/OS VERSIONS
KDE Frameworks Version: 6.16.0
Qt Version: 6.9.1
ADDITIONAL INFORMATION
RFC9110, https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length, says:
> A user agent SHOULD NOT send a Content-Length header field when the request
> message does not contain content
> and the method semantics do not anticipate such data.
An older one, RFC2616,
https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13, is worded
differently.
> Any Content-Length greater than or equal to zero is a valid value.
There doesn't seem to be anything that distinguishes method semantics in the
older RFC.
Various other reports suggest this could be an issue with some CDNs.
https://github.com/http-kit/http-kit/issues/583
https://github.com/httprb/http/issues/487
--
You are receiving this mail because:
You are watching all bug changes.
