> The httpParseHeaders() function return bodylen -1 if the http headers do not
> content a Content-Length header.
Yes. I've taken a short-cut in the no-Content-Length case, which is
not quite correct. Since POST and PUT require the Content-Length,
I've been assuming that a client with no content-length is hopelessly
broken.
But the case you exhibit does indeed show that this case needs to be
taken seriously.
> 1. Proxy Authentication required by Polipo
> 2. Client Make a CONNECT request with no proxy auth header
> (username/password)
> 3 The Request does not include a Content-Length header (legitimate for
> CONNECT)
(Quoted for future reference.)
> Should we set connection->bodylen to 0 all the time unless the client
> request is POST/PUT. or there is actually a none-zero content-length header.
No, that's not correct in general, in particular it will have negative
side-effects if we receive an unknown request. The solution is to
handle more carefully the case when Content-Length is -1 -- but I need
to think about it some more.
Juliusz
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Polipo-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/polipo-users
