Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: define conditions when content-length should be sent #2305

Merged
merged 7 commits into from
Oct 26, 2023
Merged

fix: define conditions when content-length should be sent #2305

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
670f31f
fix: bypass DELETE method content-length mismatch when request.conten…
pxue Oct 3, 2023
2461dbc
add shouldSendContentLength to better define conditions where content…
pxue Oct 6, 2023
75aefbd
refactor to ignore content-length on methods that do not anticipate a…
pxue Oct 9, 2023
c8bf1f6
fix up content-length to handle all cases with no defined semantics
pxue Oct 13, 2023
4587f37
fix up tests
pxue Oct 13, 2023
194a60c
remove prettierignore
pxue Oct 13, 2023
741b811
test content-length in request is undefined or 0
pxue Oct 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
16 changes: 14 additions & 2 deletions lib/client.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1495,6 +1495,16 @@ function _resume (client, sync) {
}
}

function shouldSendContentLength (contentLength, method) {
if (contentLength > 0) {
if (method === 'POST' || method === 'PUT' || method === 'PATCH') {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thinking twice is better if we exclude those who don't explicitly support the request's body semantics, so methods like DELETE, whose bodies are up to the server to decide what to do with them, can still have a content-length header.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made the changes, glad we're getting closer.

return true
}
return false
}
return (method === 'POST' || method === 'PUT' || method === 'PATCH')
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what?
If this code is correct, its logic must be simplified to just one line:

function shouldSendContentLength(method) {
  return (method === 'POST' || method === 'PUT' || method === 'PATCH');
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right!

Is this what we want? We're basically saying all non Post/put/patch methods have no defined semantics for a body.

Therefore we should not send content-length

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if someone still puts a content body in the request? Does it make sense to still put the content-length in that case?

Still, the code must be changed to this:

function shouldSendContentLength(contentLength, method) {
  return contentLength > 0 || method === 'POST' || method === 'PUT' || method === 'PATCH';
}

or this:

function shouldSendContentLength(method) {
  return method === 'POST' || method === 'PUT' || method === 'PATCH';
}

depending on the logic that you want to obtain.

}

function write (client, request) {
if (client[kHTTPConnVersion] === 'h2') {
writeH2(client, client[kHTTP2Session], request)
Expand Down Expand Up @@ -1538,7 +1548,9 @@ function write (client, request) {
contentLength = null
}

if (request.contentLength !== null && request.contentLength !== contentLength) {
// https://github.com/nodejs/undici/issues/2046
// A user agent may send a Content-Length header with 0 value, this should be allowed.
if (shouldSendContentLength(contentLength, method) && request.contentLength !== null && request.contentLength !== contentLength) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Following previous comment, it is better if we offload the contentLength to the if statement instead. In that sense if contentLength is greater than 0, and the method has explicit semantics to handle the request's body; we attach it. Otherwise, we just ignore it.

if (client[kStrictContentLength]) {
errorRequest(client, request, new RequestContentLengthMismatchError())
return false
Expand Down Expand Up @@ -1755,7 +1767,7 @@ function writeH2 (client, session, request) {
contentLength = null
}

if (request.contentLength != null && request.contentLength !== contentLength) {
if (shouldSendContentLength(contentLength, method) && request.contentLength != null && request.contentLength !== contentLength) {
if (client[kStrictContentLength]) {
errorRequest(client, request, new RequestContentLengthMismatchError())
return false
Expand Down
157 changes: 104 additions & 53 deletions test/content-length.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ const { Readable } = require('stream')
const { maybeWrapStream, consts } = require('./utils/async-iterators')

test('request invalid content-length', (t) => {
t.plan(10)
t.plan(6)

const server = createServer((req, res) => {
res.end()
Expand Down Expand Up @@ -61,58 +61,6 @@ test('request invalid content-length', (t) => {
t.type(err, errors.RequestContentLengthMismatchError)
})

client.request({
path: '/',
method: 'HEAD',
headers: {
'content-length': 10
}
}, (err, data) => {
t.type(err, errors.RequestContentLengthMismatchError)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 0
}
}, (err, data) => {
t.type(err, errors.RequestContentLengthMismatchError)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 4
},
body: new Readable({
read () {
this.push('asd')
this.push(null)
}
})
}, (err, data) => {
t.type(err, errors.RequestContentLengthMismatchError)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 4
},
body: new Readable({
read () {
this.push('asasdasdasdd')
this.push(null)
}
})
}, (err, data) => {
t.type(err, errors.RequestContentLengthMismatchError)
})

client.request({
path: '/',
method: 'GET',
Expand Down Expand Up @@ -329,3 +277,106 @@ test('request streaming with Readable.from(buf)', (t) => {
})
})
})

test('request DELETE and content-length=0', (t) => {
t.plan(2)
const server = createServer((req, res) => {
res.end()
metcoder95 marked this conversation as resolved.
Show resolved Hide resolved
})
t.teardown(server.close.bind(server))
server.listen(0, () => {
const client = new Client(`http://localhost:${server.address().port}`)
t.teardown(client.destroy.bind(client))

client.request({
path: '/',
method: 'DELETE',
headers: {
'content-length': 0
}
}, (err) => {
t.error(err)
})
client.on('disconnect', () => {
t.pass()
})
})
})

test('content-length shouldSendContentLength=false', (t) => {
t.plan(8)
const server = createServer((req, res) => {
res.end()
metcoder95 marked this conversation as resolved.
Show resolved Hide resolved
})
t.teardown(server.close.bind(server))
server.listen(0, () => {
const client = new Client(`http://localhost:${server.address().port}`)
t.teardown(client.destroy.bind(client))

client.request({
path: '/',
method: 'HEAD',
headers: {
'content-length': 10
}
}, (err) => {
t.error(err)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 0
}
}, (err) => {
t.error(err)
})

client.request({
path: '/',
method: 'DELETE',
headers: {
'content-length': 4
}
}, (err) => {
t.error(err)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 4
},
body: new Readable({
read () {
this.push('asd')
this.push(null)
}
})
}, (err) => {
t.error(err)
})

client.request({
path: '/',
method: 'GET',
headers: {
'content-length': 4
},
body: new Readable({
read () {
this.push('asasdasdasdd')
this.push(null)
}
})
}, (err) => {
t.error(err)
})

client.on('disconnect', () => {
t.pass()
})
})
})
4 changes: 0 additions & 4 deletions test/no-strict-content-length.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,6 @@ tap.test('strictContentLength: false', (t) => {
'content-length': 10
}
}, (err, data) => {
assertEmitWarningCalledAndReset()
t.error(err)
})

Expand All @@ -101,7 +100,6 @@ tap.test('strictContentLength: false', (t) => {
'content-length': 0
}
}, (err, data) => {
assertEmitWarningCalledAndReset()
t.error(err)
})

Expand All @@ -118,7 +116,6 @@ tap.test('strictContentLength: false', (t) => {
}
})
}, (err, data) => {
assertEmitWarningCalledAndReset()
t.error(err)
})

Expand All @@ -135,7 +132,6 @@ tap.test('strictContentLength: false', (t) => {
}
})
}, (err, data) => {
assertEmitWarningCalledAndReset()
t.error(err)
})
})
Expand Down