[patch] Don't send 100 (Continue) to HTTP/1.0 clients.

Maxim Dounin mdounin at mdounin.ru
Wed Dec 17 18:27:33 MSK 2008


Hello!

RFC 2616 говорит нам (8.2.3 Use of the 100 (Continue) Status):

      - An origin server ... MUST NOT send a
        100 (Continue) response if such a request comes from an HTTP/1.0
        (or earlier) client. 

И делает он это не зря.  В частности, если nginx 0.6.33 проксирует 
запросы на nginx 0.6.34, то результат для запросов с "Expect: 
100-continue" удивителен.  :)

Патч прилагается.

Maxim Dounin
-------------- next part --------------
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1229526806 -10800
# Node ID 27de9e550ea7c0312c91c5d294d3c0960cddbff0
# Parent  e2c4e8b635a873c8b4ac413a953fade4de5b16b3
Don't send 100 (Continue) to HTTP/1.0 clients.

This is explicitly forbidden by RFC 2616 and cause interoperability problems
in wild (e.g. with older versions of nginx itself).

Reported by:	Alexey V. Degtyarev

diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -1504,7 +1504,8 @@ ngx_http_core_send_continue(ngx_http_req
 
     expect = &r->headers_in.expect->value;
 
-    if (expect->len != sizeof("100-continue") - 1
+    if (r->http_version < NGX_HTTP_VERSION_11
+        || expect->len != sizeof("100-continue") - 1
         || ngx_strncasecmp(expect->data, (u_char *) "100-continue",
                            sizeof("100-continue") - 1)
            != 0)


More information about the nginx-ru mailing list