W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2003

Re: HTTP request header truncated

From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Fri, 15 Aug 2003 16:00:17 -0600 (MDT)
To: Patrick Thun <patrickthun@yahoo.com.sg>
cc: ietf-http-wg@w3.org
Message-ID: <Pine.BSF.4.53.0308151553430.8118@measurement-factory.com>

On Thu, 14 Aug 2003, [iso-8859-1] Patrick Thun wrote:

> When I test the httpd with Mozilla and Navigator 7.1 in redhat 8,
> everything works fine.When I test it with IE5, IE6 and navigator 7.1
> on win98, my Digest authentication fails. I used a HTTP sniffer to
> trace the HTTP transaction and discovered that the Authorization
> header field in the request were truncated. The Authorization header
> was the last header in the request.

I assume you mean that the HTTP header did not fit into a single TCP
packet (was split across several packets), and that your program does
not handle partial reads from the network socket.

> My httpd only supports a subset of the HTTP1.1 headers. Is there
> anyway or method to make the browser send only the authorization
> header and on others like Accept, Accept-language etc?

Not in general. You can install a header-stripping proxy in front of
your server, but that is probably not what you are after. If your
httpd cannot handle partial reads, you should fix it.

Also, please note that the browser is not the only agent that can add
HTTP headers to requests. HTTP intermediaries such as caching proxies
do that as well, further increasing header length.



                            | HTTP performance - Web Polygraph benchmark
www.measurement-factory.com | HTTP compliance+ - Co-Advisor test suite
                            | all of the above - PolyBox appliance
Received on Friday, 15 August 2003 18:00:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:36 UTC