[ https://issues.apache.org/jira/browse/HTTPCORE-736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17702420#comment-17702420 ]
Jin Xu commented on HTTPCORE-736: --------------------------------- [~olegk] Hi. I re-investigated the whole invoke chain today. Yes mostly you be right. We have some kids wrote some codes like this: ```java HttpUriRequest httpUriRequest = RequestBuilder.create("GET") .setUri("http://127.0.0.1") .setEntity( new ByteArrayEntity(new byte[0]) ).build(); ((HttpEntityEnclosingRequest)httpUriRequest).setEntity(null); System.out.println(httpUriRequest); HttpClient client = HttpClients.createSystem(); client.execute(httpUriRequest); ``` As when he run the build() there be an entity in that builder, the HttpUriRequest becomes RequestBuilders$InternalEntityEclosingRequest And then he set the entity to null (sigh) .............one of the disasters those AOP abusing guys would cause. Still, I actually be queite worried even so. If you want EntityEclosingRequest to really have entity, you shall add require non null checker onto it to ensure failure when people try to set it null, after all it exposed an public setEntity function right? But actually HttpEntityEnclosingRequest doesn't mean the entity must bu not null, as you can see, quite some implementations shows it allows user to set it to null, thus would cause the content-length=0 appear, like org.apache.http.impl.client.EntityEnclosingRequestWrapper Otherwise you shall make it compitable when it be null... Well I don't think I'm the only one who have coworkers doing stupid behaviors like this, so I do think we should have a decision on fix on either side. > HttpClient GET method adds Content-Length: 0 header > --------------------------------------------------- > > Key: HTTPCORE-736 > URL: https://issues.apache.org/jira/browse/HTTPCORE-736 > Project: HttpComponents HttpCore > Issue Type: Bug > Affects Versions: 4.4.16, 5.2.1 > Reporter: Jin Xu > Priority: Critical > Time Spent: 50m > Remaining Estimate: 0h > > HttpClient GET method adds Content-Length: 0 header > This would cuase some server/firewall deny this kind of http requests. > See fixes of the same bug in other frameworks: > java: https://bugs.openjdk.org/browse/JDK-8283544 > dart: https://github.com/dart-lang/shelf/pull/180 -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org