On Sun, 01 Aug 2010 15:04:56 -0600, Alex Rousskov <rouss...@measurement-factory.com> wrote: > Compliance: Improved HTTP Range header field validation. > > 1) Improve HttpHdrRangeSpec::parseInit() to parse syntactically valid > range specs: > > * Suffix ranges with 0 length (i.e. -0), are syntactically valid. > > * Check that last-byte-pos is greater than or equal to first-byte-pos. > > After the change, HttpHdrRangeSpec::parseInit() successfully parses > suffix ranges with 0 length. They were rejected before. RFC 2616 section
> 14.35.1 says such range specs are syntactically valid but unsatisfiable. > Thus, we should ignore the range spec itself, but not the whole range > header. These range specs will be rejected later, during canonization. > > > 2) In HttpHdrRangeSpec::parseInit(), ignore the whole range header if > one of range specs is syntactically invalid (i.e. range spec parsing > fails). > > Co-Advisor test case: test_clause/rfc2616/invalidRange > > > Please review. > > Thank you, > > Alex. +1. Amos