-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP --max-filesize counts ignored body data #14899
Comments
Add test 477 to verify Reported-by: Jay Satiro Fixes #14899
[ jay @ CE 2024-09-13 15:37:01 UTC: @MasterInQuestion reports that: E.g. while true;
do {
perl -e '
$, = "\r\n";
print (
"HTTP/1.1 301",
"Content-Length: 5",
"Location: http://localhost:8080/abc",
"",
"abc", "" );
' | nc -4l localhost 8080;
};
done; ]] The failure is caused by a check in "Curl_http_size", which AFAICT: The user may want this behavior because, if they say: On the other hand, it seems that "cw_download_write" works in exactly that way: So if the former check is removed, which is my initial inclination: |
@MasterInQuestion I did not understand one word of this |
Refactored quality content. Probably also what @jay intended: testing the format's potential. |
It does not help me. I have no idea what you talk about. #14900 is my proposed fix. |
I've noted you have tendency to comment before reading... per past events. No matter. My proposed design is: |
A separation between what for what purpose? Is that another way of saying my fix is not to your liking? |
Please read "See also": |
I give up. |
Add test 477 to verify Reported-by: Jay Satiro Fixes #14899
Summary: |
From #14440 (comment) user @MasterInQuestion reports that --max-filesize is applied to the ignored content of a redirect response. For example
curl -v -L --max-filesize 1 http://localhost:8080
and the server's redirect reply has 5 content bytes:curl will fail because 5 bytes of content (even though it's ignored) is more than 1:
The failure is caused by a check in
Curl_http_size
which AFAICT compares even for body bytes that are not "real" so to speak:curl/lib/http.c
Lines 3273 to 3294 in a3bd1dd
There is a separate check that is done in
cw_download_write
which deals with real body bytes, however by that point the download is already taking place.curl/lib/sendf.c
Lines 326 to 344 in a3bd1dd
In other words, the former check causes curl to error immediately after the headers are received and the content length is known. The user may want this behavior because if they, say, limit to 1MB then maybe they don't want to download the first 1MB of a 100MB file. OTOH it seems that cw_download_write works in exactly that way, it will allow downloading to the maximum file size.
So if the former check is removed, which is my initial inclination, there will be a change in behavior.
The text was updated successfully, but these errors were encountered: