[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mercurial-devel
Subject:    Re: [PATCH 1 of 3 stable] hgweb: force connection close on early response
From:       Augie Fackler <raf () durin42 ! com>
Date:       2013-07-29 18:11:38
Message-ID: 082D88EF-E5E8-43E0-9758-0205F486C954 () durin42 ! com
[Download RAW message or body]


On Jul 29, 2013, at 10:41 AM, Kevin Bullock <kbullock+mercurial@ringworld.org> wrote:

> > hgweb: force connection close on early response
> > 
> > Not all WSGI servers close the socket when an early response is sent
> > to a large POST request, which can cause the server to interpret the
> > already-sent request body as an incoming (but hopelessly invalid)
> > request.
> 
> Uhmmm... *ouch*. Would love to hear more details about this.

Sure. Each HTTP request goes through a state machine, roughly like this:

1) Connect
2) Send request headers
3) Send request body
4) Get response headers
5) Get response body

When we decide to respond early to a client, we jump to step 4 while step 3 is still \
happening. The RFC 2616 is silent on what you're supposed to do in this case, and \
doesn't even explicitly call it out as a valid case (though every server I've ever \
used allows it, although some only with non-200 status codes).

So you end up in a state where the client has probably sent some data on the wire, \
and then saw the response body[0]. This basically poisons the read side of the socket \
for the server, which will now see some fragment of POST body data as a new request \
header line, except that (except in *really* unlucky cases) the data lurking on the \
inbound (to the server) side of the socket won't be valid, and it'll cause the server \
to be angry and close the socket anyway.

The workaround is to always do "Connection: Close" on any early response, because the \
keepalive benefits aren't worth the risk. We only have to do this because some web \
servers aren't smart enough to do this on their own.

Does that help?


[0] This is actually the best case. Worst case is what httplib does, which is merrily \
writes request bytes until it gets an error from the server, which closed the socket \
because it's correctly paranoid about having sent an early response. Yay. \
_______________________________________________ Mercurial-devel mailing list
Mercurial-devel@selenic.com
http://selenic.com/mailman/listinfo/mercurial-devel


[prev in list] [next in list] [prev in thread] [next in thread]