Bug in B6361557
Robert Engels
rengels at ix.netcom.com
Mon Jan 6 12:10:16 UTC 2025
Hi,
I saw that too. But if you take that stance, if you change the test to send more than one request per connection it will now fail. I think the refreshed rfcs are impossible to implement and it’s an oversight.
> On Jan 6, 2025, at 12:25 AM, Jaikiran Pai <jai.forums2013 at gmail.com> wrote:
>
> I've now raised a PR to address the test issue. As for the following part:
>
>> On 03/01/25 9:11 pm, robert engels wrote:
>> ...
>>
>> sends an invalid http request according to the specification here https://datatracker.ietf.org/doc/html/rfc2616#section-4.4
>>
>> specifically "When a Content-Length is given in a message where a message-body is
>> allowed, its field value MUST exactly match the number of OCTETs in
>> the message-body. HTTP/1.1 user agents MUST notify the user when an
>> invalid length is received and detected."
>>
>> ...
>>
>> It currently passes, only because the server is not fully implementing the http specification.
>
> I read that section again today and (like you note) it states that "HTTP/1.1 user agents MUST notify the user when an invalid length is received and detected." However, RFC-2616 (the one quoted above) is obsoleted by RFC-9110. RFC-9110 no longer has that above sentence for the Content-Length semantics in section 8.6 (https://www.rfc-editor.org/rfc/rfc9110#name-content-length). Furthermore, RFC-9110 section 3.5 (https://www.rfc-editor.org/rfc/rfc9110#name-user-agents), defines an user agent as:
>
> "The term "user agent" refers to any of the various client programs that initiate a request."
>
> So, given all this, I don't think the JDK's current implementation of the HttpServer is in violation of the RFC.
>
> -Jaikiran
>
>
>
More information about the net-dev
mailing list