Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit04d6f2a

Browse files
committed
[3.13]gh-70765: avoid waiting for HTTP headers when parsing HTTP/0.9 requests (GH-139514)
(cherry picked from commit13dc2fd)(cherry picked from commit1fe89d3)Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
1 parent7e5d47d commit04d6f2a

File tree

3 files changed

+50
-0
lines changed

3 files changed

+50
-0
lines changed

‎Lib/http/server.py‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -275,6 +275,7 @@ def parse_request(self):
275275
error response has already been sent back.
276276
277277
"""
278+
is_http_0_9=False
278279
self.command=None# set in case of error on the first line
279280
self.request_version=version=self.default_request_version
280281
self.close_connection=True
@@ -332,6 +333,7 @@ def parse_request(self):
332333
HTTPStatus.BAD_REQUEST,
333334
"Bad HTTP/0.9 request type (%r)"%command)
334335
returnFalse
336+
is_http_0_9=True
335337
self.command,self.path=command,path
336338

337339
# gh-87389: The purpose of replacing '//' with '/' is to protect
@@ -341,6 +343,11 @@ def parse_request(self):
341343
ifself.path.startswith('//'):
342344
self.path='/'+self.path.lstrip('/')# Reduce to a single /
343345

346+
# For HTTP/0.9, headers are not expected at all.
347+
ifis_http_0_9:
348+
self.headers= {}
349+
returnTrue
350+
344351
# Examine the headers and look for a Connection directive.
345352
try:
346353
self.headers=http.client.parse_headers(self.rfile,

‎Lib/test/test_httpservers.py‎

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -316,6 +316,44 @@ def test_head_via_send_error(self):
316316
self.assertEqual(b'',data)
317317

318318

319+
classHTTP09ServerTestCase(BaseTestCase):
320+
321+
classrequest_handler(NoLogRequestHandler,BaseHTTPRequestHandler):
322+
"""Request handler for HTTP/0.9 server."""
323+
324+
defdo_GET(self):
325+
self.wfile.write(f'OK: here is{self.path}\r\n'.encode())
326+
327+
defsetUp(self):
328+
super().setUp()
329+
self.sock=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
330+
self.sock=self.enterContext(self.sock)
331+
self.sock.connect((self.HOST,self.PORT))
332+
333+
deftest_simple_get(self):
334+
self.sock.send(b'GET /index.html\r\n')
335+
res=self.sock.recv(1024)
336+
self.assertEqual(res,b"OK: here is /index.html\r\n")
337+
338+
deftest_invalid_request(self):
339+
self.sock.send(b'POST /index.html\r\n')
340+
res=self.sock.recv(1024)
341+
self.assertIn(b"Bad HTTP/0.9 request type ('POST')",res)
342+
343+
deftest_single_request(self):
344+
self.sock.send(b'GET /foo.html\r\n')
345+
res=self.sock.recv(1024)
346+
self.assertEqual(res,b"OK: here is /foo.html\r\n")
347+
348+
# Ignore errors if the connection is already closed,
349+
# as this is the expected behavior of HTTP/0.9.
350+
withcontextlib.suppress(OSError):
351+
self.sock.send(b'GET /bar.html\r\n')
352+
res=self.sock.recv(1024)
353+
# The server should not process our request.
354+
self.assertEqual(res,b'')
355+
356+
319357
classRequestHandlerLoggingTestCase(BaseTestCase):
320358
classrequest_handler(BaseHTTPRequestHandler):
321359
protocol_version='HTTP/1.1'
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
:mod:`http.server`: fix default handling of HTTP/0.9 requests in
2+
:class:`~http.server.BaseHTTPRequestHandler`. Previously,
3+
:meth:`!BaseHTTPRequestHandler.parse_request`` incorrectly
4+
waited for headers in the request although those are not
5+
supported in HTTP/0.9. Patch by Bénédikt Tran.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp