[Mapserver-dev] HTTP Post Handling
Rob Atkinson
rob at socialchange.net.au
Thu Feb 12 23:52:06 EST 2004
--------------030404000802070000040506
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
The relevant RFC states that:
For compatibility with HTTP/1.0 applications, HTTP/1.1 requests
containing a message-body MUST include a valid Content-Length header
field unless the server is known to be HTTP/1.1 compliant. If a request
contains a message-body and a Content-Length is not given, the server
SHOULD respond with 400 (bad request) if it cannot determine the length
of the message, or with 411 (length required) if it wishes to insist on
receiving a valid Content-Length.
IMHO, this means that if mapserv is served by a HTTP 1.1 compliant
server there is no requirement for the client to set the Content-Length
and thus thus code in cgiutils.c :
cl = atoi(getenv("CONTENT_LENGTH"));
if(strcmp(request->contenttype, "application/x-www-form-urlencoded")) {
request->postrequest = (char *)malloc(sizeof(char)*cl+1);
if (fread(request->postrequest, 1, cl, stdin) < cl){
printf("Content-type: text/html%c%c",10,10);
printf("POST body is short\n");
exit(1);
}
is at fault. At the very least it should throw a 411 exception, but it
would be better to make it more robust.
RA
--------------030404000802070000040506
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body>
<br>
The relevant RFC states that:<br>
<br>
<i>For compatibility with HTTP/1.0 applications, HTTP/1.1 requests containing
a message-body MUST include a valid Content-Length header field unless the
server is known to be HTTP/1.1 compliant. If a request contains a message-body
and a Content-Length is not given, the server SHOULD respond with 400 (bad
request) if it cannot determine the length of the message, or with 411 (length
required) if it wishes to insist on receiving a valid Content-Length. <br>
</i><br>
IMHO, this means that if mapserv is served by a HTTP 1.1 compliant server
there is no requirement for the client to set the Content-Length and thus
thus code in cgiutils.c :<br>
<br>
cl = atoi(getenv("CONTENT_LENGTH"));<br>
<br>
if(strcmp(request->contenttype, "application/x-www-form-urlencoded"))
{<br>
<br>
request->postrequest = (char *)malloc(sizeof(char)*cl+1);<br>
if (fread(request->postrequest, 1, cl, stdin) < cl){<br>
printf("Content-type: text/html%c%c",10,10);<br>
printf("POST body is short\n");<br>
exit(1);<br>
}<br>
<br>
is at fault. At the very least it should throw a 411 exception, but it would
be better to make it more robust.<br>
<br>
RA<br>
<br>
<br>
</body>
</html>
--------------030404000802070000040506--
More information about the mapserver-dev
mailing list