I've now raised a PR to address the test issue. As for the following part:
On 03/01/25 9:11 pm, robert engels wrote:
... sends an invalid http request according to the specification here https://datatracker.ietf.org/doc/html/rfc2616#section-4.4 specifically "When a Content-Length is given in a message where a message-body is allowed, its field value MUST exactly match the number of OCTETs in the message-body. HTTP/1.1 user agents MUST notify the user when an invalid length is received and detected." ... It currently passes, only because the server is not fully implementing the http specification.
I read that section again today and (like you note) it states that "HTTP/1.1 user agents MUST notify the user when an invalid length is received and detected." However, RFC-2616 (the one quoted above) is obsoleted by RFC-9110. RFC-9110 no longer has that above sentence for the Content-Length semantics in section 8.6 (https://www.rfc-editor.org/rfc/rfc9110#name-content-length). Furthermore, RFC-9110 section 3.5 (https://www.rfc-editor.org/rfc/rfc9110#name-user-agents), defines an user agent as:
"The term "user agent" refers to any of the various client programs that initiate a request."
So, given all this, I don't think the JDK's current implementation of the HttpServer is in violation of the RFC.
-Jaikiran
