On Oct 23, 2006, at 1:35 PM, Brian McQueen wrote:
The issue isn't really the limit, but the way Apache behaves when it
encounters the limit. When Apache encounters the limit it still reads
then entire incoming byte stream, even if its only throwing it away.
That is as demanded by the HTTP protocol:
RFC 2616: http://www.w3.org/Protocols/rfc2616/rfc2616-
sec8.html#sec8.2.3
Where it says:
- If an origin server receives a request that does not include an
Expect request-header field with the "100-continue"
expectation,
the request includes a request body, and the server responds
with a final status code before reading the entire request body
from the transport connection, then the server SHOULD NOT close
the transport connection until it has read the entire request,
or until the client closes the connection. Otherwise, the
client
might not reliably receive the response message. However, this
requirement is not be construed as preventing a server from
defending itself against denial-of-service attacks, or from
badly broken client implementations.
Amazingly neither Firefox nor IE send out this Expect header! So if I
am to stay as a HTTP/1.1 compliant server I must read the entire body
of the gigabyte file, even though I know its oversized and is to be
ignored. Nevertheless, I want to make Apache do just that. I can't
have folks waiting that long. How can I make it return a reply, stop
reading and drop the connection?
If this is a TCP connection, have it read just enough to ensure that
the server has received the client's ACK of the error message. The
"SHOULD NOT close" above is trying to prevent a server RST packet,
which is sent to the client when the server receives additional data
on a closed connection, from resetting the data window to some point
before the server's error message. If you don't do that, the error
message will be swallowed by TCP before the client ever gets to read it,
and the client will try the same request again, resulting in the same
error, and so on ...
My guess is that any read larger than 4096 bytes would be sufficient
to allow the ACK to be received, after which it is safe to close the
connection even if the client is still sending.
....Roy
