Is calling ngx_http_discard_request_body() still necessary in modules only handle HTTP GETs ?
Maxim Dounin
mdounin at mdounin.ru
Thu Jul 24 18:02:48 UTC 2014
Hello!
On Thu, Jul 24, 2014 at 10:09:12AM -0400, gzchenym wrote:
> Hi all:
>
> In nginx's native memcached module, I found that
> ngx_http_discard_request_body() was called right after a statement that only
> allow GET/HEAD requests to pass through.
>
> For ref: src/http/modules/ngx_http_memcached_module.c
>
>
> if (!(r->method & (NGX_HTTP_GET|NGX_HTTP_HEAD))) {
> return NGX_HTTP_NOT_ALLOWED;
> }
>
> rc = ngx_http_discard_request_body(r);
>
>
> However, in other places, such as (ngx_http_empty_gif_module) ,that
> ngx_http_discard_request_body() function call was just missed. Usually HTTP
> GET reqeust should not have request body. So, what's the point of having
> ngx_http_discard_request_body() in memcached module? and which pattern
> should I use?
The empty gif module doesn't call ngx_http_discard_request_body()
directly because it uses ngx_http_send_response(), which will call
it. (Previously, there was an explicit call - it was removed by
the http://hg.nginx.org/nginx/rev/18f1cb12c6d7 changeset.)
All content handlers should either read or discard request body,
either directly or indirectly. If it's not done, it will
result in problems if there will be a request with a body.
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list