#29800: Django hangs when Content-Length has incorrect value
------------------------------------+------------------------------------
Reporter: Alexander Charykov | Owner: (none)
Type: Bug | Status: new
Component: HTTP handling | Version: 2.1
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------------+------------------------------------
Comment (by Lakshya Prasad):
After investigating, it seems the hang occurs because Django relies on the
WSGI input stream (e.g., wsgiref or gunicorn), which blocks until the
declared Content-Length is fully read.
Since the WSGI spec does not define behavior for Content-Length larger
than actual payload, and production setups typically rely on reverse
proxies (e.g., nginx) to validate requests, this might not be appropriate
to fix at Django level.
I’d like to propose adding documentation explaining this behavior and
recommending use of a reverse proxy or proper request validation.
--
Ticket URL: <https://code.djangoproject.com/ticket/29800#comment:17>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019d1a20b79c-ce3cd835-26f7-460a-b8bb-2af28c3ebc80-000000%40eu-central-1.amazonses.com.
