New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/http: HTTP Server messed up pipelined HTTP requests after POST request #10876
Comments
Personally, I suspect this is due to request.go#741 , the ReadAll() may affect later requests. Perhaps there need add a missing |
I think it is not due to the implementation of parsePostForm but rather to the bogus \r\n you have added after the message body of the POST query. See https://www.ietf.org/rfc/rfc2616.txt section 4.1 It says:
The Go http package SHOULD ignore the CRLF, but does not. The Go implementation could be made more robust by ignoring those CRLF, but what it currently does is still correct. |
Yes, you're right, the correct request (which Go server will now accept) is
Still, please consider ignoring the carriage return (as it'll be much more convenient for sending request over command prompt). |
Probably, @bradfitz to decide. |
Mailing a CL in case he wants it. |
Please refer http://tools.ietf.org/html/rfc7230#section-3 instead of obsoleted RFC 2616. |
CL https://golang.org/cl/10170 mentions this issue. |
Ah yes, sorry. In RFC 7230, this recommendation is in section 3.5. |
My previous HTTP load balancer (https://github.com/perlbal/Perlbal) ignored that extra \r\n after a POST, but I thought that one buggy browser (Netscape Navigator something) died out 10+ years ago. Is there an actual HTTP client which still is broken like this? I would really rather be strict unless it would actually help an important client. Or we could at least detect it and return an error message informing the user that their HTTP client is buggy and old. |
CL https://golang.org/cl/11491 mentions this issue. |
By default, Go's HTTP server (from package net/http) supports HTTP/1.1 pipelined requests (Connection: keep-alive) and will dispatch each request to a new handler Go-routine (before encountering any POST requests).
However, after the first POST request encountered in a pipeline, the Go HTTP server failed to parse the following requests, either GET or POST, and will reply with a "400 Bad Request".
A simple demo for this misbehavior: (assume we already launched the server on port 8080)
Version&architecture:I observed this phenomenon on "go version go1.4.2 windows/amd64"; the architecture shouldn't be important though. Similar behavior appears in Mac version also. This should be a package's bug.
Expected result: Other traditional HTTP servers (including Nginx/Apache, and default server in Node.js) all handled this correctly. The expected result should be three consecutive "HTTP/1.1 200 OK"s (with contents respectively).
Observed result: using the example minimal net/http server as seen in go ducument's "Writing Web Applications", the response to above pipelined requests is:
The text was updated successfully, but these errors were encountered: