Skip to content

net/http: request body errors don't close a connection #11930

@jeddenlea

Description

@jeddenlea

After an HTTP server parses a request's headers, it essentially passes control of the protocol handling to a request body Reader. Generally, this Reader either consumes up to the number bytes specified by Content-Length, or follows a chunked encoded entity.

But, errors encountered at this stage are completely ignored by the server. Broken connections are left in tact, and the server will attempt to read further requests from them.

This is a vector for request smuggling.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions