This is sounding good. How do I gain the level of control that you are describing here? The request_rec has a conn_rec, but I don't see how to get beyond that. If I've successfully read 4096 bytes, how do I then stop any further transactions on the socket? I don't know how to grab the socket in order to close it!
Thanks! Brian On 10/23/06, Roy T. Fielding <[EMAIL PROTECTED]> wrote:
On Oct 23, 2006, at 1:35 PM, Brian McQueen wrote: > The issue isn't really the limit, but the way Apache behaves when it > encounters the limit. When Apache encounters the limit it still reads > then entire incoming byte stream, even if its only throwing it away. > That is as demanded by the HTTP protocol: > > RFC 2616: http://www.w3.org/Protocols/rfc2616/rfc2616- > sec8.html#sec8.2.3 > > Where it says: > > - If an origin server receives a request that does not include an > Expect request-header field with the "100-continue" > expectation, > the request includes a request body, and the server responds > with a final status code before reading the entire request body > from the transport connection, then the server SHOULD NOT close > the transport connection until it has read the entire request, > or until the client closes the connection. Otherwise, the > client > might not reliably receive the response message. However, this > requirement is not be construed as preventing a server from > defending itself against denial-of-service attacks, or from > badly broken client implementations. > > Amazingly neither Firefox nor IE send out this Expect header! So if I > am to stay as a HTTP/1.1 compliant server I must read the entire body > of the gigabyte file, even though I know its oversized and is to be > ignored. Nevertheless, I want to make Apache do just that. I can't > have folks waiting that long. How can I make it return a reply, stop > reading and drop the connection? If this is a TCP connection, have it read just enough to ensure that the server has received the client's ACK of the error message. The "SHOULD NOT close" above is trying to prevent a server RST packet, which is sent to the client when the server receives additional data on a closed connection, from resetting the data window to some point before the server's error message. If you don't do that, the error message will be swallowed by TCP before the client ever gets to read it, and the client will try the same request again, resulting in the same error, and so on ... My guess is that any read larger than 4096 bytes would be sufficient to allow the ACK to be received, after which it is safe to close the connection even if the client is still sending. ....Roy
