411 Length Required error
Dave Cheney
dave at cheney.net
Tue Dec 2 03:35:58 MSK 2008
> It seems that Apache allowed always such requests (POSTs without
> Content-Length). I'm not sure should I add this ?
Looking into the RFC's it looks like Apache might be doing the right thing.
RFC1945:
A valid Content-Length is required on all HTTP/1.0 POST requests. An
HTTP/1.0 server should respond with a 400 (bad request) message if it
cannot determine the length of the request message's content.
RFC2616:
The presence of a message-body in a request is signaled by the inclusion
of a Content-Length or Transfer-Encoding header field in the request's
message-headers
So,
POST /someurl HTTP/1.1
Host: whatever
\r\n
\r\n
Is a valid post request, but only in the case that the request does not
contain a body. If the post does contain a body, then it must be identified
as such with a Content-Lenth: header.
Cheers
Dave
More information about the nginx
mailing list