On 15/06/2016 12:27, Alex Bligh wrote: > > On 15 Jun 2016, at 10:18, Paolo Bonzini <pbonz...@redhat.com> wrote: > >>> So what should those servers do (like 2 of mine) which don't buffer >>> the entire read, if they get an error having already sent some data? >> >> They have sent an error code of zero, and it turned out to be wrong. So >> the only thing they can do safely is disconnect. > > Right, but that is not what Wouter's change says: > > + If an error occurs, the server SHOULD set the appropriate error code > + in the error field. The server MAY then initiate a hard disconnect. > + If it chooses not to, it MUST NOT send any payload for this request. > > I read this as either > > a) the server can issue a hard disconnect without sending any reply; or > > b) it must send the reply header with no payload > > It also seems to permit not setting the error code (it's only a 'SHOULD'), > not disconnecting (it's a MAY), then not sending any payload, which is a > nonsense.
Right. > Perhaps this should read "If an error occurs, the server MUST either initiate > a hard disconnect before the entire payload has been sent or > set the appropriate code in the error field and send the response header > without any payload." if we want to go down this route. Yes, I agree. I do believe we want to go down this route. I think we agree that partial buffering may always require the server to disconnect after an error. Therefore I don't see any benefit at all in sending a payload after an error message. Paolo
