Skip to content

Commit

Permalink
Raise '400: Content-Length can't be present with Transfer-Encoding' i…
Browse files Browse the repository at this point in the history
…f both Content-Length and Transfer-Encoding are sent by peer (#6182)
  • Loading branch information
asvetlov authored Oct 31, 2021
1 parent bb4ee18 commit f763228
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGES/6182.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Raise ``400: Content-Length can't be present with Transfer-Encoding`` if both ``Content-Length`` and ``Transfer-Encoding`` are sent by peer by both C and Python implementations
12 changes: 10 additions & 2 deletions aiohttp/http_parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
from .base_protocol import BaseProtocol
from .helpers import NO_EXTENSIONS, BaseTimerContext
from .http_exceptions import (
BadHttpMessage,
BadStatusLine,
ContentEncodingError,
ContentLengthError,
Expand Down Expand Up @@ -490,8 +491,15 @@ def parse_headers(

# chunking
te = headers.get(hdrs.TRANSFER_ENCODING)
if te and "chunked" in te.lower():
chunked = True
if te is not None:
te_lower = te.lower()
if "chunked" in te_lower:
chunked = True

if hdrs.CONTENT_LENGTH in headers:
raise BadHttpMessage(
"Content-Length can't be present with Transfer-Encoding",
)

return (headers, raw_headers, close_conn, encoding, upgrade, chunked)

Expand Down
13 changes: 13 additions & 0 deletions tests/test_http_parser.py
Original file line number Diff line number Diff line change
Expand Up @@ -292,6 +292,19 @@ def test_request_chunked(parser: Any) -> None:
assert isinstance(payload, streams.StreamReader)


def test_request_te_chunked_with_content_length(parser: Any) -> None:
text = (
b"GET /test HTTP/1.1\r\n"
b"content-length: 1234\r\n"
b"transfer-encoding: chunked\r\n\r\n"
)
with pytest.raises(
http_exceptions.BadHttpMessage,
match="Content-Length can't be present with Transfer-Encoding",
):
parser.feed_data(text)


def test_conn_upgrade(parser: Any) -> None:
text = (
b"GET /test HTTP/1.1\r\n"
Expand Down

0 comments on commit f763228

Please sign in to comment.