Hi Chuck, Thank for your answer and details explanation. We have requested our customer to fix the wrong client. Are there any logs we can see if the content length does not match?
Once again thanks for your help! Thanks, Bhavesh On Thu, Feb 7, 2019 at 4:03 PM Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: Bhavesh Mistry [mailto:mistry.p.bhav...@gmail.com] > > Subject: Re: Fwd: Tomcat-embed-core-9.0.12.jar bug about Content-Length > Corrupting > > Parsing logic for Subsequent Request > > > I am stating following when you have request/response on the same TCP > > connection. for example, > > > My understanding (please correct me if my wrong): > > It's wrong. All TCP traffic, including HTTP requests, is a stream of > bytes. > There are no indications where one request ends and another starts other > than the content length in each request. If the malformed request > specifies > a length smaller than the actual content size, the next request will appear > to start somewhere in the content stream. Similarly, if the > request-specified content length is larger than the sent size, the > connector > consumes part of the next request as the content of the prior. There is no > way for a server to correct this client misbehavior, other than by the > server administrator disabling keep-alive - with serious performance > impacts > for well-mannered clients. Fix your broken client. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you > received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > >
