New submission from Cory Benfield:
Initially spotted on Requests GitHub bugtracker:
https://github.com/kennethreitz/requests/issues/1804
On receiving an HTTP response with an invalid header, httplib stops parsing the
headers and attempts to receive the rest of the message as body content.
Normally that would be fine, but problems occur if later on in the headers
"Transfer-Encoding: chunked" is declared. This leads to a hang while reading
the body content until the remote end forcibly closes the connection.
This bug certainly affects versions 2.7 through 3.3.
To reproduce (note that we need to request gzip to get the server to send the
bad header):
import http.client
h = http.client.HTTPConnection('www.sainsburysbank.co.uk')
h.request('GET', '/', headers={'Accept-Encoding': 'gzip'})
r = h.getresponse()
hdrs = r.getheaders()
body = r.read() # Hang here.
cURL configured equivalently doesn't exhibit this problem, that is the
following works fine:
curl --compressed http://www.sainsburysbank.co.uk/
It's not clear to me that this behaviour is wrong. The server is definitely
violating RFC 2616 which expressly forbids empty header names. I'm open to
consultation about what the correct fix should be here (which may be nothing at
all).
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue19996>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
