Mercurial > hg > nginx-quic
comparison src/http/ngx_http_request_body.c @ 4935:7bd1c839af3b
Request body: improved handling of incorrect chunked request body.
While discarding chunked request body in some cases after detecting
request body corruption no error was returned, while it was possible
to correctly return 400 Bad Request. If error is detected too late,
make sure to properly close connection.
Additionally, in ngx_http_special_response_handler() don't return body
of 500 Internal Server Error to a client if ngx_http_discard_request_body()
fails, but disable keepalive and continue.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 26 Nov 2012 18:00:14 +0000 |
parents | b61edaa04342 |
children | 240e3fb392c9 |
comparison
equal
deleted
inserted
replaced
4934:b61edaa04342 | 4935:7bd1c839af3b |
---|---|
469 if (r->headers_in.content_length_n == 0) { | 469 if (r->headers_in.content_length_n == 0) { |
470 return NGX_OK; | 470 return NGX_OK; |
471 } | 471 } |
472 } | 472 } |
473 | 473 |
474 if (ngx_http_read_discarded_request_body(r) == NGX_OK) { | 474 rc = ngx_http_read_discarded_request_body(r); |
475 | |
476 if (rc == NGX_OK) { | |
475 r->lingering_close = 0; | 477 r->lingering_close = 0; |
476 return NGX_OK; | 478 return NGX_OK; |
477 } | 479 } |
478 | 480 |
479 /* == NGX_AGAIN */ | 481 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { |
482 return rc; | |
483 } | |
484 | |
485 /* rc == NGX_AGAIN */ | |
480 | 486 |
481 r->read_event_handler = ngx_http_discarded_request_body_handler; | 487 r->read_event_handler = ngx_http_discarded_request_body_handler; |
482 | 488 |
483 if (ngx_handle_read_event(rev, 0) != NGX_OK) { | 489 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
484 return NGX_HTTP_INTERNAL_SERVER_ERROR; | 490 return NGX_HTTP_INTERNAL_SERVER_ERROR; |
531 r->lingering_close = 0; | 537 r->lingering_close = 0; |
532 ngx_http_finalize_request(r, NGX_DONE); | 538 ngx_http_finalize_request(r, NGX_DONE); |
533 return; | 539 return; |
534 } | 540 } |
535 | 541 |
542 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { | |
543 c->error = 1; | |
544 ngx_http_finalize_request(r, NGX_ERROR); | |
545 return; | |
546 } | |
547 | |
536 /* rc == NGX_AGAIN */ | 548 /* rc == NGX_AGAIN */ |
537 | 549 |
538 if (ngx_handle_read_event(rev, 0) != NGX_OK) { | 550 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
539 c->error = 1; | 551 c->error = 1; |
540 ngx_http_finalize_request(r, NGX_ERROR); | 552 ngx_http_finalize_request(r, NGX_ERROR); |
604 b.last = buffer + n; | 616 b.last = buffer + n; |
605 | 617 |
606 rc = ngx_http_discard_request_body_filter(r, &b); | 618 rc = ngx_http_discard_request_body_filter(r, &b); |
607 | 619 |
608 if (rc != NGX_OK) { | 620 if (rc != NGX_OK) { |
609 r->connection->error = 1; | 621 return rc; |
610 return NGX_OK; | |
611 } | 622 } |
612 } | 623 } |
613 } | 624 } |
614 | 625 |
615 | 626 |