Compliance: reply with 400 (Bad Request) if request header is too big.
Reply with a standard 400 (Bad Request) instead of 601 (Unknown) status
in case of an ERR_TOO_BIG error. HTTP does not have a dedicated code for
the too-big header error. There is 414 (Request-URI Too Long), but Squid
does not distinguish too-large headers from too-large URIs.
Co-Advisor test case: test_case/rfc2616/longUri-65536
Compliance: reply with 400 (Bad Request) if request header is too big.
Reply with a standard 400 (Bad Request) instead of 601 (Unknown) status in
case of an ERR_TOO_BIG error. HTTP does not have a dedicated code for the
too-big header error. There is 414 (Request-URI Too Long), but Squid does not
distinguish too-large headers from too-large URIs.
Co-Advisor test case: test_case/rfc2616/longUri-65536
=== modified file 'src/HttpStatusCode.h'
--- src/HttpStatusCode.h 2010-01-01 21:16:57 +
+++ src/HttpStatusCode.h 2010-08-27 17:51:17 +
@@ -36,24 +36,26 @@ typedef enum {
HTTP_CONFLICT = 409,
HTTP_GONE = 410,
HTTP_LENGTH_REQUIRED = 411,
HTTP_PRECONDITION_FAILED = 412,
HTTP_REQUEST_ENTITY_TOO_LARGE = 413,
HTTP_REQUEST_URI_TOO_LARGE = 414,
HTTP_UNSUPPORTED_MEDIA_TYPE = 415,
HTTP_REQUESTED_RANGE_NOT_SATISFIABLE = 416,
HTTP_EXPECTATION_FAILED = 417,
HTTP_UNPROCESSABLE_ENTITY = 422,/** RFC2518 section 10.3 */
HTTP_LOCKED = 423, /** RFC2518 section 10.4 */
HTTP_FAILED_DEPENDENCY = 424, /** RFC2518 section 10.5 */
HTTP_INTERNAL_SERVER_ERROR = 500,
HTTP_NOT_IMPLEMENTED = 501,
HTTP_BAD_GATEWAY = 502,
HTTP_SERVICE_UNAVAILABLE = 503,
HTTP_GATEWAY_TIMEOUT = 504,
HTTP_HTTP_VERSION_NOT_SUPPORTED = 505,
HTTP_INSUFFICIENT_STORAGE = 507,/** RFC2518 section 10.6 */
HTTP_INVALID_HEADER = 600, /** Squid header parsing error */
-HTTP_HEADER_TOO_LARGE = 601 /* Header too large to process */
+HTTP_HEADER_TOO_LARGE = 601 /** Header too large to process. Used
+ internally only, replying to client
+ with HTTP_BAD_REQUEST instead. */
} http_status;
#endif /* _SQUID_SRC_HTTP_STATUSCODE_H */
=== modified file 'src/client_side.cc'
--- src/client_side.cc 2010-08-24 04:18:51 +
+++ src/client_side.cc 2010-08-27 17:47:19 +
@@ -2390,41 +2390,41 @@ clientProcessRequest(ConnStateData *conn
{
ClientHttpRequest *http = context-http;
HttpRequest *request = NULL;
bool notedUseOfBuffer = false;
bool tePresent = false;
bool deChunked = false;
bool mustReplyToOptions = false;
bool unsupportedTe = false;
/* We have an initial client stream in place should it be needed */
/* setup our private context */
context-registerWithConn();
if (context-flags.parsed_ok == 0) {
clientStreamNode *node = context-getClientReplyContext();
debugs(33, 1, clientProcessRequest: Invalid Request);
clientReplyContext *repContext = dynamic_castclientReplyContext *(node-data.getRaw());
assert (repContext);
switch (hp-request_parse_status) {
case HTTP_HEADER_TOO_LARGE:
-repContext-setReplyToError(ERR_TOO_BIG, HTTP_HEADER_TOO_LARGE, method, http-uri, conn-peer, NULL, conn-in.buf, NULL);
+repContext-setReplyToError(ERR_TOO_BIG, HTTP_BAD_REQUEST, method, http-uri, conn-peer, NULL, conn-in.buf, NULL);
break;
case HTTP_METHOD_NOT_ALLOWED:
repContext-setReplyToError(ERR_UNSUP_REQ, HTTP_METHOD_NOT_ALLOWED, method, http-uri, conn-peer, NULL, conn-in.buf, NULL);
break;
default:
repContext-setReplyToError(ERR_INVALID_REQ, HTTP_BAD_REQUEST, method, http-uri, conn-peer, NULL, conn-in.buf, NULL);
}
assert(context-http-out.offset == 0);
context-pullData();
conn-flags.readMoreRequests = false;
goto finish;
}
if ((request = HttpRequest::CreateFromUrlAndMethod(http-uri, method)) == NULL) {
clientStreamNode *node = context-getClientReplyContext();
debugs(33, 5, Invalid URL: http-uri);
clientReplyContext *repContext = dynamic_castclientReplyContext *(node-data.getRaw());
assert (repContext);
repContext-setReplyToError(ERR_INVALID_URL, HTTP_BAD_REQUEST, method, http-uri, conn-peer, NULL, NULL, NULL);
assert(context-http-out.offset == 0);