Mercurial > hg > nginx
comparison src/http/ngx_http_spdy.c @ 5628:a24f88eff684
SPDY: detect premature closing of stream.
The SPDY/3.1 specification requires that the server must respond with
a 400 "Bad request" error if the sum of the data frame payload lengths
does not equal the size of the Content-Length header.
This also fixes "zero size buf in output" alert, that might be triggered
if client sends a greater than zero Content-Length header and closes
stream using the FIN flag with an empty request body.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Fri, 28 Mar 2014 20:22:57 +0400 |
parents | d74889fbf06d |
children | 0aeb6f63d242 |
comparison
equal
deleted
inserted
replaced
5627:d74889fbf06d | 5628:a24f88eff684 |
---|---|
1607 | 1607 |
1608 if (sc->flags & NGX_SPDY_FLAG_FIN) { | 1608 if (sc->flags & NGX_SPDY_FLAG_FIN) { |
1609 | 1609 |
1610 stream->in_closed = 1; | 1610 stream->in_closed = 1; |
1611 | 1611 |
1612 if (r->headers_in.content_length_n < 0) { | |
1613 r->headers_in.content_length_n = rb->rest; | |
1614 | |
1615 } else if (r->headers_in.content_length_n != rb->rest) { | |
1616 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | |
1617 "client prematurely closed stream: " | |
1618 "%O of %O bytes of request body received", | |
1619 rb->rest, r->headers_in.content_length_n); | |
1620 | |
1621 stream->skip_data = NGX_SPDY_DATA_ERROR; | |
1622 goto error; | |
1623 } | |
1624 | |
1612 if (tf) { | 1625 if (tf) { |
1613 ngx_memzero(buf, sizeof(ngx_buf_t)); | 1626 ngx_memzero(buf, sizeof(ngx_buf_t)); |
1614 | 1627 |
1615 buf->in_file = 1; | 1628 buf->in_file = 1; |
1616 buf->file_last = tf->file.offset; | 1629 buf->file_last = tf->file.offset; |
1617 buf->file = &tf->file; | 1630 buf->file = &tf->file; |
1618 | 1631 |
1619 rb->buf = NULL; | 1632 rb->buf = NULL; |
1620 } | |
1621 | |
1622 if (r->headers_in.content_length_n < 0) { | |
1623 r->headers_in.content_length_n = rb->rest; | |
1624 } | 1633 } |
1625 | 1634 |
1626 if (rb->post_handler) { | 1635 if (rb->post_handler) { |
1627 r->read_event_handler = ngx_http_block_reading; | 1636 r->read_event_handler = ngx_http_block_reading; |
1628 rb->post_handler(r); | 1637 rb->post_handler(r); |