[erlang-questions] gen_tcp and large HTTP headers
Loïc Hoguin
essen@REDACTED
Wed Jun 22 23:17:40 CEST 2011
More info here:
https://github.com/extend/cowboy/issues/3
We just switched to calling decode_packet directly. It's a bug in
gen_tcp when in HTTP mode, not decode_packet, so it works fine now. I
haven't had the time to find the exact source of this bug but it's on my
todo list.
Cheers.
On 06/22/2011 10:25 PM, Roberto Ostinelli wrote:
> hi steve,
>
> it does look so indeed. i actually do receive the http_request message:
>
> {http, Sock, {http_request, Method, Path, Version}}
>
> even though the GET request has obviously been shortened, so that the
> remaining part of the GET request gets passed over and then generates
> the http_error message while parsing headers.
>
> i guess i actually should not receive the http_request message, since
> the GET header is incomplete.
>
>
> 2011/6/22 Steve Vinoski <vinoski@REDACTED <mailto:vinoski@REDACTED>>
>
> IMO this is really a bug in the http packet parser. Setting recbuf
> might work for this example but if you get a larger URI then it will
> obviously fail, as you can't set it large enough.
>
> For this case the packet parser must realize the http request line is
> incomplete and complete the parsing only once the whole request line
> arrives. Getting this completely right might well require allowing a
> way for the application to control how long a URI it wants to allow,
> since if the parser just keeps reading in packets to find the end of
> the request line someone could deny service by just sending request
> packets that contain a really really long URI.
>
> --steve
>
>
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
--
Loïc Hoguin
Dev:Extend
More information about the erlang-questions
mailing list