Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit13dc2fd

Browse files
authored
gh-70765: avoid waiting for HTTP headers when parsing HTTP/0.9 requests (#139514)
1 parent29616f3 commit13dc2fd

File tree

3 files changed

+49
-0
lines changed

3 files changed

+49
-0
lines changed

‎Lib/http/server.py‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -302,6 +302,7 @@ def parse_request(self):
302302
error response has already been sent back.
303303
304304
"""
305+
is_http_0_9=False
305306
self.command=None# set in case of error on the first line
306307
self.request_version=version=self.default_request_version
307308
self.close_connection=True
@@ -359,6 +360,7 @@ def parse_request(self):
359360
HTTPStatus.BAD_REQUEST,
360361
"Bad HTTP/0.9 request type (%r)"%command)
361362
returnFalse
363+
is_http_0_9=True
362364
self.command,self.path=command,path
363365

364366
# gh-87389: The purpose of replacing '//' with '/' is to protect
@@ -368,6 +370,11 @@ def parse_request(self):
368370
ifself.path.startswith('//'):
369371
self.path='/'+self.path.lstrip('/')# Reduce to a single /
370372

373+
# For HTTP/0.9, headers are not expected at all.
374+
ifis_http_0_9:
375+
self.headers= {}
376+
returnTrue
377+
371378
# Examine the headers and look for a Connection directive.
372379
try:
373380
self.headers=http.client.parse_headers(self.rfile,

‎Lib/test/test_httpservers.py‎

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -362,6 +362,43 @@ def test_head_via_send_error(self):
362362
self.assertEqual(b'',data)
363363

364364

365+
classHTTP09ServerTestCase(BaseTestCase):
366+
367+
classrequest_handler(NoLogRequestHandler,BaseHTTPRequestHandler):
368+
"""Request handler for HTTP/0.9 server."""
369+
370+
defdo_GET(self):
371+
self.wfile.write(f'OK: here is{self.path}\r\n'.encode())
372+
373+
defsetUp(self):
374+
super().setUp()
375+
self.sock=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
376+
self.sock=self.enterContext(self.sock)
377+
self.sock.connect((self.HOST,self.PORT))
378+
379+
deftest_simple_get(self):
380+
self.sock.send(b'GET /index.html\r\n')
381+
res=self.sock.recv(1024)
382+
self.assertEqual(res,b"OK: here is /index.html\r\n")
383+
384+
deftest_invalid_request(self):
385+
self.sock.send(b'POST /index.html\r\n')
386+
res=self.sock.recv(1024)
387+
self.assertIn(b"Bad HTTP/0.9 request type ('POST')",res)
388+
389+
deftest_single_request(self):
390+
self.sock.send(b'GET /foo.html\r\n')
391+
res=self.sock.recv(1024)
392+
self.assertEqual(res,b"OK: here is /foo.html\r\n")
393+
394+
self.sock.send(b'GET /bar.html\r\n')
395+
res=self.sock.recv(1024)
396+
# The server will not parse more input as it closed the connection.
397+
# Note that the socket connection itself is still opened since the
398+
# client is responsible for also closing it on their side.
399+
self.assertEqual(res,b'')
400+
401+
365402
defcertdata_file(*path):
366403
returnos.path.join(os.path.dirname(__file__),"certdata",*path)
367404

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
:mod:`http.server`: fix default handling of HTTP/0.9 requests in
2+
:class:`~http.server.BaseHTTPRequestHandler`. Previously,
3+
:meth:`!BaseHTTPRequestHandler.parse_request`` incorrectly
4+
waited for headers in the request although those are not
5+
supported in HTTP/0.9. Patch by Bénédikt Tran.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp