Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update TIdHTTPServer to handle long URIs and long request headers more cleanly #474

Open
rlebeau opened this issue Apr 27, 2023 · 0 comments
Open

Update TIdHTTPServer to handle long URIs and long request headers more cleanly #474

rlebeau opened this issue Apr 27, 2023 · 0 comments
Assignees
@rlebeau
Labels
Element: HTTP Issues related to HTTP handling, TIdHTTP, TIdHTTPServer, TIdHTTPProxyServer, etc Status: In Progress Issue is being worked on Type: Enhancement Issue is proposing a new feature/enhancement
Milestone
Indy 11 - Mainten...

Comments

@rlebeau
Copy link
Member

rlebeau commented Apr 27, 2023
edited

If an HTTP client sends either:

  • a long request line that exceeds TIdIOHandler.MaxLineLength
  • a long header line that exceeds TIdIOHandler.MaxLineLength
  • number of headers that exceed TIdHTTPServer.MaximumHeaderLineCount

Then TIdHTTPServer raises an exception and closes the connection. It should send the client back a 414 or 431 response instead of (or at least before) raising the exception.

Also, add new MaximumUriLength and MaximumHeaderLineLength properties.
@rlebeau rlebeau added Type: Enhancement Issue is proposing a new feature/enhancement Element: HTTP Issues related to HTTP handling, TIdHTTP, TIdHTTPServer, TIdHTTPProxyServer, etc Status: Reported Issue has been reported for review labels Apr 27, 2023
@rlebeau rlebeau added this to the Indy 11 - Maintenance Release milestone Apr 27, 2023
rlebeau added a commit that referenced this issue Apr 27, 2023
@rlebeau
#474 Adding MaximumHeaderLineLength and MaximumUriLength properties t…
1c59c27 
…o TIdHTTPServer. Updating TIdCustomHTTPServer.DoExecute() to send 414 and 431 responses if those lengths are exceeded.
@rlebeau rlebeau self-assigned this Apr 27, 2023
@rlebeau rlebeau added Status: In Progress Issue is being worked on and removed Status: Reported Issue has been reported for review labels Apr 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rlebeau rlebeau

Labels
Element: HTTP Issues related to HTTP handling, TIdHTTP, TIdHTTPServer, TIdHTTPProxyServer, etc Status: In Progress Issue is being worked on Type: Enhancement Issue is proposing a new feature/enhancement
Projects
None yet
Milestone
Indy 11 - Maintenance Release
Development

When branches are created from issues, their pull requests are automatically linked.

TIdHTTPServer-MaxLengths IndySockets/Indy
1 participant
@rlebeau