[
https://issues.apache.org/jira/browse/TS-2902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14098110#comment-14098110
]
Feifei Cai commented on TS-2902:
--------------------------------
Hi Masakazu,
Strictly speaking, "Content-Length" is a SHOULD but not a MUST. However, I
think we'd better follow the SHOULD.
[http://tools.ietf.org/html/rfc7230#section-3.3.2]
{quote}
A user agent SHOULD send a Content-Length in a request message when
no Transfer-Encoding is sent and the request method defines a meaning
for an enclosed payload body. For example, a Content-Length header
field is normally sent in a POST request even when the value is 0
(indicating an empty payload body). A user agent SHOULD NOT send a
Content-Length header field when the request message does not contain
a payload body and the method semantics do not anticipate such a
body.
{quote}
As to the response, I think that we can make it configurable, since it is MAY
in RFC 7230.
So, how about keep requiring "Content-Length" and add a configurable option to
response status code (400/411)? The patch makes requiring "Content-Length"
configurable and change response status code from 400 to 411, I'm afraid this
is somehow aggressive and may breaks some other's use cases.
> Allow POST requests without a Content-Length header
> ---------------------------------------------------
>
> Key: TS-2902
> URL: https://issues.apache.org/jira/browse/TS-2902
> Project: Traffic Server
> Issue Type: Improvement
> Reporter: Masakazu Kitajo
> Assignee: Bryan Call
> Labels: review
> Fix For: 5.1.0
>
> Attachments: make_it_configuarable.patch
>
>
> I get "*400* Content Length Required" when user agents send a POST request
> that doesn't contain any body data without a Content-Length header.
> (The header is omitted because the length is zero, I think)
> According to RFC2730 Section 3.3.2, presence of Content-Length is not MUST.
> http://tools.ietf.org/html/rfc7230#section-3.3.2
> {quote}
> A user agent SHOULD send a Content-Length in a request message when
> no Transfer-Encoding is sent and the request method defines a meaning
> for an enclosed payload body.
> {quote}
> Also according to section 3.3.3, a server are allowed to reject similar
> request with 411 Length Required, but not *400*.
> http://tools.ietf.org/html/rfc7230#section-3.3.2
> {quote}
> A server MAY reject a request that contains a message body but not a
> Content-Length by responding with 411 (Length Required).
> {quote}
> Traffic Server should accept the requests, no body data without
> Content-Length header, or reject it with *411*. I think the former one is
> better for interoperability.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
