Klaus Demo nginx / c4a4a6a
Request body: improved handling of incorrect chunked request body. While discarding chunked request body in some cases after detecting request body corruption no error was returned, while it was possible to correctly return 400 Bad Request. If error is detected too late, make sure to properly close connection. Additionally, in ngx_http_special_response_handler() don't return body of 500 Internal Server Error to a client if ngx_http_discard_request_body() fails, but disable keepalive and continue. Maxim Dounin 9 years ago
2 changed file(s) with 16 addition(s) and 5 deletion(s). Raw diff Collapse all Expand all
470470 }
471471 }
472472
473 if (ngx_http_read_discarded_request_body(r) == NGX_OK) {
473 rc = ngx_http_read_discarded_request_body(r);
474
475 if (rc == NGX_OK) {
474476 r->lingering_close = 0;
475477 return NGX_OK;
476478 }
477479
478 /* == NGX_AGAIN */
480 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
481 return rc;
482 }
483
484 /* rc == NGX_AGAIN */
479485
480486 r->read_event_handler = ngx_http_discarded_request_body_handler;
481487
532538 return;
533539 }
534540
541 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
542 c->error = 1;
543 ngx_http_finalize_request(r, NGX_ERROR);
544 return;
545 }
546
535547 /* rc == NGX_AGAIN */
536548
537549 if (ngx_handle_read_event(rev, 0) != NGX_OK) {
605617 rc = ngx_http_discard_request_body_filter(r, &b);
606618
607619 if (rc != NGX_OK) {
608 r->connection->error = 1;
609 return NGX_OK;
620 return rc;
610621 }
611622 }
612623 }
420420 r->expect_tested = 1;
421421
422422 if (ngx_http_discard_request_body(r) != NGX_OK) {
423 error = NGX_HTTP_INTERNAL_SERVER_ERROR;
423 r->keepalive = 0;
424424 }
425425
426426 if (clcf->msie_refresh