Commits on May 29, 2020

1. Set CONTENT_LENGTH for chunked requests …

   Chunked requests don't contain a Content-Length header, but Puma buffers
   the entire request body upfront, which means it can determine the length
   before dispatching to the application.
   
   The Rack spec doesn't mandate the presence of the CONTENT_LENGTH header,
   but it does refer to it as a "CGI key" and draws a distinction between
   it and the HTTP Content-Length header:
   
   https://github.com/rack/rack/blob/v2.2.2/SPEC.rdoc
   
   > The environment must not contain the keys HTTP_CONTENT_TYPE or
   > HTTP_CONTENT_LENGTH (use the versions without HTTP_). The CGI keys
   > (named without a period) must have String values.
   
   RFC 3875, which defines the CGI protocol including CONTENT_LENGTH, says:
   
   https://tools.ietf.org/html/rfc3875#section-4.1.2
   
   > The server MUST set this meta-variable if and only if the request is
   > accompanied by a message-body entity. The CONTENT_LENGTH value must
   > reflect the length of the message-body after the server has removed
   > any transfer-codings or content-codings.
   
   "Removing a transfer-coding" is precisely what Puma is doing when it
   parses a chunked request.
   
   RFC 7230, the most recent specification of HTTP 1.1, includes a pseudo-
   code algorithm for decoding chunked requests that roughly matches the
   behaviour implemented here:
   
   https://tools.ietf.org/html/rfc7230#section-4.1.3

   

   eugeneius committed May 29, 2020
   Copy the full SHA

   bdcfb60 View commit details

   Browse the repository at this point in the history