Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit4b2b851

Browse files
chansikparkWor Ker
and
Wor Ker
authored
Fix HTTP 414 errors hanging until timeout (yhirose#2260)
* Fix HTTP 414 errors hanging until timeout* All errors (status code 400+) close the connection* 🧹---------Co-authored-by: Wor Ker <worker@factory>
1 parent551f96d commit4b2b851

File tree

2 files changed

+46
-3
lines changed

2 files changed

+46
-3
lines changed

‎httplib.h‎

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7692,7 +7692,8 @@ inline bool Server::write_response_core(Stream &strm, bool close_connection,
76927692
if (need_apply_ranges) {apply_ranges(req, res, content_type, boundary); }
76937693

76947694
// Prepare additional headers
7695-
if (close_connection || req.get_header_value("Connection") =="close") {
7695+
if (close_connection || req.get_header_value("Connection") =="close" ||
7696+
400 <= res.status) {// Don't leave connections open after errors
76967697
res.set_header("Connection","close");
76977698
}else {
76987699
std::string s ="timeout=";
@@ -8403,8 +8404,6 @@ Server::process_request(Stream &strm, const std::string &remote_addr,
84038404

84048405
// Check if the request URI doesn't exceed the limit
84058406
if (req.target.size() > CPPHTTPLIB_REQUEST_URI_MAX_LENGTH) {
8406-
Headers dummy;
8407-
detail::read_headers(strm, dummy);
84088407
res.status = StatusCode::UriTooLong_414;
84098408
output_error_log(Error::ExceedUriMaxLength, &req);
84108409
returnwrite_response(strm, close_connection, req, res);

‎test/test.cc‎

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4289,10 +4289,21 @@ TEST_F(ServerTest, TooLongRequest) {
42894289
}
42904290
request +="_NG";
42914291

4292+
auto start =std::chrono::high_resolution_clock::now();
4293+
4294+
cli_.set_keep_alive(true);
42924295
auto res = cli_.Get(request.c_str());
42934296

4297+
auto end =std::chrono::high_resolution_clock::now();
4298+
auto elapsed =
4299+
std::chrono::duration_cast<std::chrono::milliseconds>(end - start)
4300+
.count();
4301+
42944302
ASSERT_TRUE(res);
42954303
EXPECT_EQ(StatusCode::UriTooLong_414, res->status);
4304+
EXPECT_LE(elapsed,100);
4305+
EXPECT_EQ("close", res->get_header_value("Connection"));
4306+
EXPECT_FALSE(cli_.is_socket_open());
42964307
}
42974308

42984309
TEST_F(ServerTest, AlmostTooLongRequest) {
@@ -4363,10 +4374,21 @@ TEST_F(ServerTest, LongHeader) {
43634374
}
43644375

43654376
TEST_F(ServerTest, LongQueryValue) {
4377+
auto start =std::chrono::high_resolution_clock::now();
4378+
4379+
cli_.set_keep_alive(true);
43664380
auto res = cli_.Get(LONG_QUERY_URL.c_str());
43674381

4382+
auto end =std::chrono::high_resolution_clock::now();
4383+
auto elapsed =
4384+
std::chrono::duration_cast<std::chrono::milliseconds>(end - start)
4385+
.count();
4386+
43684387
ASSERT_TRUE(res);
43694388
EXPECT_EQ(StatusCode::UriTooLong_414, res->status);
4389+
EXPECT_LE(elapsed,100);
4390+
EXPECT_EQ("close", res->get_header_value("Connection"));
4391+
EXPECT_FALSE(cli_.is_socket_open());
43704392
}
43714393

43724394
TEST_F(ServerTest, TooLongQueryValue) {
@@ -4460,6 +4482,7 @@ TEST_F(ServerTest, HeaderCountExceedsLimit) {
44604482
}
44614483

44624484
// This should fail due to exceeding header count limit
4485+
cli_.set_keep_alive(true);
44634486
auto res = cli_.Get("/hi", headers);
44644487

44654488
// The request should either fail or return 400 Bad Request
@@ -4470,6 +4493,9 @@ TEST_F(ServerTest, HeaderCountExceedsLimit) {
44704493
// Or the request should fail entirely
44714494
EXPECT_FALSE(res);
44724495
}
4496+
4497+
EXPECT_EQ("close", res->get_header_value("Connection"));
4498+
EXPECT_FALSE(cli_.is_socket_open());
44734499
}
44744500

44754501
TEST_F(ServerTest, PercentEncoding) {
@@ -4524,6 +4550,7 @@ TEST_F(ServerTest, HeaderCountSecurityTest) {
45244550
}
45254551

45264552
// Try to POST with excessive headers
4553+
cli_.set_keep_alive(true);
45274554
auto res = cli_.Post("/", attack_headers,"test_data","text/plain");
45284555

45294556
// Should either fail or return 400 Bad Request due to security limit
@@ -4534,6 +4561,9 @@ TEST_F(ServerTest, HeaderCountSecurityTest) {
45344561
// Request failed, which is the expected behavior for DoS protection
45354562
EXPECT_FALSE(res);
45364563
}
4564+
4565+
EXPECT_EQ("close", res->get_header_value("Connection"));
4566+
EXPECT_FALSE(cli_.is_socket_open());
45374567
}
45384568

45394569
TEST_F(ServerTest, MultipartFormData) {
@@ -5854,6 +5884,20 @@ TEST_F(ServerTest, TooManyRedirect) {
58545884
EXPECT_EQ(Error::ExceedRedirectCount, res.error());
58555885
}
58565886

5887+
TEST_F(ServerTest, BadRequestLineCancelsKeepAlive) {
5888+
Request req;
5889+
req.method ="FOOBAR";
5890+
req.path ="/hi";
5891+
5892+
cli_.set_keep_alive(true);
5893+
auto res = cli_.send(req);
5894+
5895+
ASSERT_TRUE(res);
5896+
EXPECT_EQ(StatusCode::BadRequest_400, res->status);
5897+
EXPECT_EQ("close", res->get_header_value("Connection"));
5898+
EXPECT_FALSE(cli_.is_socket_open());
5899+
}
5900+
58575901
TEST_F(ServerTest, StartTime) {auto res = cli_.Get("/test-start-time"); }
58585902

58595903
#ifdef CPPHTTPLIB_ZLIB_SUPPORT

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp