Re: IPP> Chunked POST
Carl Kugler (kugler@us.ibm.com)
Tue, 17 Aug 1999 16:54:05 -0600
> Re: IPP> Chunked POST
>
> Roy T. Fielding (fielding@kiwi.ics.uci.edu)
> Thu, 17 Dec 1998 22:03:24 -0800
> ---------------------------------------------------------------------=
---
>
> >In my opinion, Ken Coar is correct in saying that for a server to
> >be *both* HTTP/1.1 compliant and CGI/1.1 compliant it MUST buffer
> >chunked POST data and provide a Content-Length for the CGI script.
>
> Sending 411 is HTTP/1.1 compliant. Failure to parse the chunked
> encoding (and puking) would be non-compliance, but requiring a
> content-length for a given resource is necessary for many reasons
> (DoS and legacy system protection).
This is a meaningless distinction. Consider this thought experiment: we=
have
two HTTP servers, A and B.
Server A can and does parse the chunked encoding. But it sends a 411 "Le=
ngth
Required" response with a "Connection: close" header in response to any
request that does not include a "Content-Length" header. This is a compl=
iant
server.
Server B understands no transfer-coding except "identity". It cannot rec=
eive
or decode the "chunked" transfer-coding. It sends a 411 "Length Required=
"
response with a "Connection: close" header in response to any request tha=
t
does not include a "Content-Length" header. This is a non-compliant ser=
ver.
If we look at these servers as black boxes, observing their behavior only
through their external interfaces, they are virtually indistinguishable
(unless we look at the product tokens or something). So it's meanless to=
say
that all HTTP/1.1 applications that receive entities must understand (be =
able
to receive and decode) the =93chunked=94 transfer-coding.
> ...
http://www.ics.uci.edu/pub/ietf/http/hypermail/1998q4/0210.html