From e5721f6b4dd7e4084a14b6f2f38bfb3672796ac9 Mon Sep 17 00:00:00 2001 From: Garrett D'Amore Date: Sun, 12 Jan 2025 10:25:56 -0800 Subject: http: server error handling improvements and tests We want to consume the request properly on an error, so that we can give a reasonable response. We were prematurely closing the connection for certain failure modes. We still have to fix overly long URIs and headers, but thats next! --- src/supplemental/http/http_server.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/supplemental/http/http_server.c') diff --git a/src/supplemental/http/http_server.c b/src/supplemental/http/http_server.c index 096d985c..5d6a2aee 100644 --- a/src/supplemental/http/http_server.c +++ b/src/supplemental/http/http_server.c @@ -466,7 +466,11 @@ http_sconn_rxdone(void *arg) // Validate the request -- it has to at least look like HTTP // 1.x. We flatly refuse to deal with HTTP 0.9, and we can't // cope with HTTP/2. - if ((val = nni_http_get_version(sc->conn)) == NULL) { + if (nng_http_get_status(sc->conn) >= NNG_HTTP_STATUS_BAD_REQUEST) { + http_sconn_error(sc, nng_http_get_status(sc->conn)); + return; + } + if ((val = nng_http_get_version(sc->conn)) == NULL) { sc->close = true; http_sconn_error(sc, NNG_HTTP_STATUS_BAD_REQUEST); return; @@ -485,7 +489,7 @@ http_sconn_rxdone(void *arg) } // NB: The URI will already have been canonified by the REQ parser - uri = nni_http_get_uri(sc->conn); + uri = nng_http_get_uri(sc->conn); if (uri[0] != '/') { // We do not support authority form or asterisk form at present sc->close = true; -- cgit v1.2.3-70-g09d2