Re: Worries about content-length

• From: Henrik Frystyk Nielsen <frystyk@w3.org>
• Date: Mon, 8 May 1995 15:08:12 +0500
• To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com, Harald.T.Alvestrand@uninett.no
• Message-Id: <9505081908.AA24261@www20>

> I've seen this blow up on me: When a particular server had very heavy
> load, the forked server crashed, closing the TCP connection, after
> sending the headers, but before sending the full body.
> Result: The client thinks that it has a complete object, and in fact
> CACHES this invalid object - and there is no algorithmic way to tell
> it that it is in the wrong.

This is exactly the same as the classic problem with the chain:

	mosaic	: 1.0 Request with a large header
	proxy	: forwards the request
	server	: 0.9 doesn't expect any request headers, tcp windows
		  gets full and server closes connection

Result:	A chopped of document with status 200 OK! However in the 0.9
case there _is_ really no way of telling :-(

> Suggested fix: Add language that says that clients SHOULD warn the user
> when content-length indicates MORE data than actually received.

You describe the problem the other way round - you do NOT get all the data,
or do I misunderstand something???

> I've
> seen lots of cases where the browser says "got 10245 of 9433 bytes",
> which probably means that content-length was LESS, but I don't know if
> the reverse ever happens.

This is typically a bug in the client counting the header information as part
of the bytes received. I think Mosaic did this at some point.

>        Note: Some older servers supply an invalid Content-Length 
>        when sending a document that contains server-side includes 
>        dynamically inserted into the data stream. It must be 
>        emphasized that this will not be tolerated by future 
>        versions of HTTP. Unless the client knows that it is 
>        receiving a response from a compliant server, it should not 
>        depend on the Content-Length value being correct.

I don't think we can force application to warn if the content-length doesn't
match the received amount of data in the entity body, but it is a good idea
to recommend that clients do signal to the user when a situation like this
occur, and definitely to cancel any caching!

When interactive clients start using PUT and POST as normal methods then
a correct Content-Length is required!

-- cheers --

Henrik Frystyk                                          frystyk@W3.org
World-Wide Web Consortium,                              Tel + 1 617 258 8143
MIT/LCS, NE43-356					Fax + 1 617 258 8682
77 Massachusetts Avenue
Cambridge MA 02154, USA

Received on Monday, 8 May 1995 12:13:17 UTC