New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Inconsistent "400 bad request" response, for GET request with a body #4026
Comments
Interesting, we will investigate. There isn't really anything in Express that would 400 from something like that, and awaiting a promise should not change behavior. Is there any stack trace printing to your console when this happens? If not, it is likely Node.js HTTP module itself that is sending the 400. |
There is no trace, it is not a crash or anything.
It's just the request being denied. But only when a Promise is being
awaited by the middleware.
It is weird indeed :-)
Of course, I believe I was mistaken in sending an empty body along with a
GET request.
I fixed that in my app and now everything works fine.
Still, it would be best if we could somehow unify the behavior with/without
promises.
Best of luck,
Marco
…On Mon, Aug 12, 2019 at 3:19 PM Douglas Wilson ***@***.***> wrote:
Interesting, we will investigate. There isn't really anything in Express
that would 400 from something like that, and awaiting a promise should not
change behavior.
Is there any stack trace printing to your console when this happens? If
not, it is like Node.js HTTP module itself throwing the 400.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#4026?email_source=notifications&email_token=AADIMMPGLP5NVKGC4HGI4STQEFPM7A5CNFSM4IK7FE42YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4CP35I#issuecomment-520420853>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AADIMMMKT7G7BBFQ3ZMFMALQEFPM7ANCNFSM4IK7FE4Q>
.
--
Best regards,
Marco Pegoraro
*m.* marco.pegoraro@gmail.com
*C.* +46 73 545 1223
----------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
This message contains confidential information and is intended only for the
individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any
action in reliance on the contents of this information is strictly
prohibited.
|
Unfortunately I tried to create an app based on your description and could not reproduce the 400. Can you provide a reproduction case? |
I will put together a repo that reproduces it!
…On Mon, Aug 12, 2019 at 4:15 PM Douglas Wilson ***@***.***> wrote:
Unfortunately I tried to create an app based on your description and could
not reproduce the 400. Can you provide a reproduction case?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#4026?email_source=notifications&email_token=AADIMMMYEBHFUDCAL3IJJEDQEFV65A5CNFSM4IK7FE42YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4CVC6Q#issuecomment-520442234>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AADIMMO5DJK73ZPKQQWVCZ3QEFV65ANCNFSM4IK7FE4Q>
.
--
Best regards,
Marco Pegoraro
*m.* marco.pegoraro@gmail.com
*C.* +46 73 545 1223
----------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
This message contains confidential information and is intended only for the
individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any
action in reliance on the contents of this information is strictly
prohibited.
|
Here you go: This will reproduce the problem using Docker, so it should be quite safe to reproduce it. Marco |
Thank you, that helps a lot! I was able to reproduce it with your example, and it looks like the reason I couldn't reproduce the issue is because it seems specific to the client you are using. Using cURL as a client, for example, shows the 200 OK coming back from the body test where your client gets a 400 Bad Request:
The Bad Request is coming from Node.js itself, though, so before Express.js can even see the request. Changing the server to just pure Node.js reproduces the issue without Express, at which case you can file an issue with Node.js or your client library, which ever you think is more appropriate (probably your client library, since cURL has no issue making the same requests that you get a 400 for): const http = require('http')
const sleepTimeout = duration => (next) => setTimeout(next, duration)
const sleepPromise = duration => (next) => (new Promise(r => setTimeout(r, duration))).then(next)
const sleepSync = duration => (next) => {
for (let i = 0; i < duration; i++) console.log({ i })
next()
}
const app = (req, res) => {
switch (req.url) {
case '/a':
res.end('ok/a')
break
case '/b':
sleepSync(9999)(() => res.end('ok/b'))
break
case '/c':
sleepTimeout(500)(() => res.end('ok/c'))
break
case '/d':
sleepPromise(500)(() => res.end('ok/d'))
break
}
}
http.createServer(app).listen(8080, () => console.log('App1 is running...')) |
Thank you for taking a look at it, and for the clarification.
Marco
…On Tue, Aug 13, 2019 at 4:02 PM Douglas Wilson ***@***.***> wrote:
Thank you, that helps a lot! I was able to reproduce it with your example,
and it looks like the reason I couldn't reproduce the issue is because it
seems specific to the *client* you are using. Using cURL as a client, for
example, shows the 200 OK coming back from the body test where your client
gets a 400 Bad Request:
$ curl -v http://127.0.0.1:5555/d -H'content-type: application/json' -d'{}' -XGET
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 5555 (#0)
> GET /d HTTP/1.1
> Host: 127.0.0.1:5555
> User-Agent: curl/7.54.0
> Accept: */*
> content-type: application/json
> Content-Length: 2
>
* upload completely sent off: 2 out of 2 bytes
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Content-Type: text/html; charset=utf-8
< Content-Length: 4
< ETag: W/"4-cM5NkoAgYFvRntn1zvlbeUF4oB8"
< Date: Tue, 13 Aug 2019 13:47:19 GMT
< Connection: keep-alive
<
* Connection #0 to host 127.0.0.1 left intact
ok/d
The Bad Request is coming from Node.js itself, though, so before
Express.js can even see the request. Changing the server to just pure
Node.js reproduces the issue without Express, at which case you can file an
issue with Node.js or your client library, which ever you think is more
appropriate:
const http = require('http')
const sleepTimeout = duration => (next) => setTimeout(next, duration)const sleepPromise = duration => (next) => (new Promise(r => setTimeout(r, duration))).then(next)const sleepSync = duration => (next) => {
for (let i = 0; i < duration; i++) console.log({ i })
next()
}
const app = (req, res) => {
switch (req.url) {
case '/a':
res.end('ok/a')
break
case '/b':
sleepSync(9999)(() => res.end('ok/b'))
break
case '/c':
sleepTimeout(500)(() => res.end('ok/c'))
break
case '/d':
sleepPromise(500)(() => res.end('ok/d'))
break
}
}
http.createServer(app).listen(8080, () => console.log('App1 is running...'))
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#4026?email_source=notifications&email_token=AADIMMMWO75K3KOE7RMF7NLQEK5I3A5CNFSM4IK7FE42YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD4FYABI#issuecomment-520847365>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AADIMMLZ4EZHYFEAL2RZXF3QEK5I3ANCNFSM4IK7FE4Q>
.
--
Best regards,
Marco Pegoraro
*m.* marco.pegoraro@gmail.com
*C.* +46 73 545 1223
----------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the system manager.
This message contains confidential information and is intended only for the
individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. If you are not the intended recipient
you are notified that disclosing, copying, distributing or taking any
action in reliance on the contents of this information is strictly
prohibited.
|
@marcopeg |
Hi @raijinsetsu I did not make an issue with Node.js, as noted above, I believe it was the client library at use that was the issue and not Node.js. I left filing up to OP since they would have the most background and eagerness to work to get it fixed upstream with the client library. |
I missed that detail. I thought you were saying it was the NodeJS server.
We happen to be using the NodeJS native Http client which means that, it
you're correct, it's still an issue in NodeJS. I'll followup with some
testing and open an issue.
…On Tue, Feb 4, 2020, 10:03 Douglas Wilson ***@***.***> wrote:
Hi @raijinsetsu <https://github.com/raijinsetsu> I did not make an issue
with Node.js, as noted above, I believe it was the client library at use
that was the issue and not Node.js. I left filing up to OP since they would
have the most background and eagerness to work to get it fixed upstream
with the client library.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#4026?email_source=notifications&email_token=ABT6LNQ7MK5YOYVZKIBARJDRBF7STA5CNFSM4IK7FE42YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEKX6BIQ#issuecomment-581951650>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABT6LNQV3RT37ZTSHEH4HJDRBF7STANCNFSM4IK7FE4Q>
.
|
Did you open an issue about this ? I'm facing the same behaviour, using native NodeJS too |
Hello, I came across a weird behavior when it comes to GET requests:
Here is a GET request performed through the
fetch
API.It is wrong because GET should NOT have a
body
.Nevertheless, if my Express handler looks like the following code, it works just fine:
It looks like Express simply ignores the body part of the request.
BUT if I add a middleware that awaits for a
Promise
, then Express will fail my request with a400 - Bad Request
answer:This piece of code will cause Express to "validate" the request payload and drop the request due to the existing (and correctly unexpected) body.
Now, wouldn't it be better if the behavior of either failing the request or ignoring the body was consistent with or without promises in the handling chain?
Thanks guys!
Awesome work :-)
The text was updated successfully, but these errors were encountered: