On Tue, Jul 31, 2001 at 12:56:35AM -0400, Rocco Caputo wrote:
> On Mon, Jul 30, 2001 at 01:39:56AM +0200, Anton Berezin wrote:
> > And third, there are some `use of undefined value' occurences there
> > at the moment.
>
> Agreed, agreed, and applied x2.
:-)
It looks like one of these was lost actually:
Index: POE/Filter/HTTPD.pm
===================================================================
RCS file: /cvsroot/poe/poe/POE/Filter/HTTPD.pm,v
retrieving revision 1.16
diff -u -r1.16 HTTPD.pm
--- POE/Filter/HTTPD.pm 2001/07/31 04:56:44 1.16
+++ POE/Filter/HTTPD.pm 2001/07/31 05:39:17
@@ -138,7 +138,8 @@
# print "post:$buf:\END BUFFER\n";
# print length($buf)."-".$r->content_length()."\n";
- if(length($buf) >= $r->content_length()) {
+ my $cl = $r->content_length() || 0;
+ if(length($buf) >= $cl) {
$r->content($buf);
$self->{finish}++;
return [$r];
Alternatively it might be turned into an error; hmm, it's even more
reasonable. From rfc2068:
: For compatibility with HTTP/1.0 applications, HTTP/1.1 requests
: containing a message-body MUST include a valid Content-Length header
: field unless the server is known to be HTTP/1.1 compliant. If a
: request contains a message-body and a Content-Length is not given,
: the server SHOULD respond with 400 (bad request) if it cannot
: determine the length of the message, or with 411 (length required) if
: it wishes to insist on receiving a valid Content-Length.
Index: POE/Filter/HTTPD.pm
===================================================================
RCS file: /cvsroot/poe/poe/POE/Filter/HTTPD.pm,v
retrieving revision 1.16
diff -u -r1.16 HTTPD.pm
--- POE/Filter/HTTPD.pm 2001/07/31 04:56:44 1.16
+++ POE/Filter/HTTPD.pm 2001/07/31 05:57:40
@@ -47,8 +47,7 @@
# happen. -><- Maybe this should return [] instead of dying?
if($self->{'finish'}) {
- # BAD_REQUEST
- return [ $self->build_error(400, "Did not want any more data") ];
+ return [ $self->build_error(RC_BAD_REQUEST, "Did not want any more data") ];
}
# Accumulate data in a framing buffer.
@@ -88,7 +87,7 @@
# Parse the request line.
if ($buf !~ s/^(\w+)[ \t]+(\S+)(?:[ \t]+(HTTP\/\d+\.\d+))?[^\012]*\012//) {
- return [ $self->build_error(400) ]; # BAD_REQUEST
+ return [ $self->build_error(RC_BAD_REQUEST) ];
}
my $proto = $3 || "HTTP/0.9";
@@ -121,10 +120,11 @@
$self->{header} = $r;
- # If this is a GET request, we won't be expecting a message body.
+ # If this is a GET or HEAD request, we won't be expecting a message body.
# Finish up.
- if($r->method() eq 'GET') {
+ my $meth = $r->method();
+ if($meth eq 'GET' || $meth eq 'HEAD') {
$self->{finish}++;
return [$r];
}
@@ -134,11 +134,14 @@
# we're done. Otherwise we'll expect a subsequent get() call to
# finish things up.
- if($r->method() eq 'POST') {
+ if($meth eq 'POST') {
# print "post:$buf:\END BUFFER\n";
# print length($buf)."-".$r->content_length()."\n";
- if(length($buf) >= $r->content_length()) {
+ my $cl = $r->content_length();
+ return [ $self->build_error(RC_LENGTH_REQUIRED) ] unless defined $cl;
+ return [ $self->build_error(RC_BAD_REQUEST) ] unless $cl =~ /^\d+$/;
+ if(length($buf) >= $cl) {
$r->content($buf);
$self->{finish}++;
return [$r];
I did not do the same testing for content_length() when there's the
second get() invocation for it is supposed to be tested already, at
least in the case of POST (and in the case of GET, and now HEAD, we
never reach that point anyway, and we don't do the right thing in case
of any other request method anyway).
Cheers,
=Anton.
--
May the tuna salad be with you.
