Message 4875 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	kasplat
Recipients
Date	2002-08-03.17:37:16
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to

Content
Logged In: YES user_id=228025 This bug is related to another bug https://sourceforge.net/tracker/? func=detail&aid=430160&group_id=5470&atid=105470 Bob Denny (author of the WebSite server, formerly sold by O'Reilly) had this to say about the POST problem: "This is an old problem, traced back to Netscape and Unix- based shell CGI scripts. Netscape browsers did this to force completion of the POST into shell scripts. The cr/lf is not part of the POST payload, and the CGI script that is dealing with the POST needs to toss it away. The general solution is, read Content-Length bytes, then reas anything else that may be in the buffer and junk it. IE is emulating the behavior of Netscape." So, that explains why IE (and possibly other browsers) sticks a CR/LF on the end of a POST causing a mismatch with the Content-length header. Now the question is where a fix can be inserted in the libs? Looking again at CGIHTTPServer.py, perhaps this problem is isolated to Windows, in which case the fix might be in the block of code starting on line 218, and more specifically, line 246 data = self.rfile.read(nbytes) so at that point, the remaining 2 bytes should be read, but tossed. I'll investigate. Steve Holden and I have been emailing back and forth on this issue, so if anyone else has other suggestions, post here or email one of us. Thanks, ka

Logged In: YES 
user_id=228025

This bug is related to another bug

https://sourceforge.net/tracker/?
func=detail&aid=430160&group_id=5470&atid=105470

Bob Denny (author of the WebSite server, formerly sold by 
O'Reilly) had this to say about the POST problem:

"This is an old problem, traced back to Netscape and Unix-
based shell CGI scripts. Netscape browsers did this to force 
completion of the POST into shell scripts. The cr/lf is not part 
of the POST payload, and the CGI script that is dealing with 
the POST needs to toss it away. The general solution is, read 
Content-Length bytes, then reas anything else that may be in 
the buffer and junk it. IE is emulating the behavior of 
Netscape."

So, that explains why IE (and possibly other browsers) sticks 
a CR/LF on the end of a POST causing a mismatch with the 
Content-length header. Now the question is where a fix can 
be inserted in the libs?

Looking again at CGIHTTPServer.py, perhaps this problem is 
isolated to Windows, in which case the fix might be in the 
block of code starting on line 218, and more specifically, line 
246

data = self.rfile.read(nbytes)

so at that point, the remaining 2 bytes should be read, but 
tossed. I'll investigate. Steve Holden and I have been emailing 
back and forth on this issue, so if anyone else has other 
suggestions, post here or email one of us.

Thanks,

ka

History
Date	User	Action	Args
2007-08-23 13:54:38	admin	link	issue427345 messages
2007-08-23 13:54:38	admin	create