-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not send Content-length: 0
in GET/HEAD/TRACE/OPTIONS requests (#2167)
#2191
Conversation
tests/test_client_request.py
Outdated
req = ClientRequest( | ||
'post', URL('http://python.org/'), | ||
data={}, loop=loop) | ||
req.update_body_from_data.assert_called_once_with({}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks to Pycharm.
tests/test_client_request.py
Outdated
meth, URL('http://python.org/'), data={'life': '42'}, | ||
loop=loop) | ||
assert '/' == req.url.path | ||
assert b'life=42' == req.body._value |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Completely wrong test.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't introduce new behaviour while fixing some stuff. And especially, don't do that within the same commit. This makes commit history review much harder.
aiohttp/client_reqrep.py
Outdated
@@ -82,6 +88,10 @@ def __init__(self, method, url, *, | |||
self.url = url.with_fragment(None) | |||
self.original_url = url | |||
self.method = method.upper() | |||
|
|||
if self.method in self.GET_METHODS and any((data, compress, chunked)): | |||
raise ValueError('Method %s should not contain request-data.' % self.method) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will eventually break requests to elastic search. Technically, you can send GET with payload and that's correct from the point of spec.
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-body.html
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, I didn't know that ElasticSearch predates RFC, where it's said that HTTP-server SHOULD ignore payload of GET-requests. I'm very upset about everything that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeap, that was a big surprise for me as well, but that's how things are. You can google the subject, iirc, on some w3c mailing list that case was discussed and considered as fine. Also, SHOULD is a strong recommendation, but it's not a mandatory behaviour as what MUST does.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I removed the checks and fix tests accordingly.
hdrs.METH_GET, | ||
hdrs.METH_HEAD, | ||
hdrs.METH_OPTIONS, | ||
hdrs.METH_TRACE, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should DELETE method be here are well?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nothing is said regarding DELETE in RFC. And also:
- a message-body is explicitly forbidden in responses to HEAD requests (section 9, and 9.4 specifically)
- an entity-body is explicitly forbidden in TRACE requests only, all other request types are unrestricted (section 9, and 9.8 specifically)
Should I add raise ValueError in constructor in these requests ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should I add raise ValueError in constructor in these requests ?
Let's open another issue for that. If we can help users to not produce invalid requests that would be good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK: #2192
aiohttp/client_reqrep.py
Outdated
@@ -103,7 +106,8 @@ def __init__(self, method, url, *, | |||
self.update_proxy(proxy, proxy_auth, proxy_from_env) | |||
|
|||
self.update_body_from_data(data) | |||
self.update_transfer_encoding() | |||
if data or self.method not in self.GET_METHODS: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it make a sense to call update_transfer_encoding
for POST/PUT with no body?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. It is required to send Content-Length: 0
in these requests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, ok. Asking because you can send POST without content-length set and that's fine as well. curl does so.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGFM
Content-length: 0
in GET/HEAD/TRACE requests (#2167)Content-length: 0
in GET/HEAD/TRACE/OPTIONS requests (#2167)
Codecov Report
@@ Coverage Diff @@
## master #2191 +/- ##
=========================================
- Coverage 97.24% 97.2% -0.05%
=========================================
Files 39 39
Lines 8208 8183 -25
Branches 1436 1434 -2
=========================================
- Hits 7982 7954 -28
- Misses 98 101 +3
Partials 128 128
Continue to review full report at Codecov.
|
Should we don't send zero |
I think we should set and allow to skip. |
@fafhrd91 please make your last message clean: do you mean we should set |
@asvetlov your interpretation is right. I think our current behavior is right we just need a way to override defaults |
No! totally disagree with you.
|
I agree in general, but there is reality. Dropping |
First of all, this change will actually affect only GET-requests. People should never rely on the |
I'm with @socketpair, he has a point. Here is a story about |
At least ElasticSearch uses GET with BODY for multi-get requests. |
Can we ask aioes maintainers to run their tests with this pathc and no |
aioes is not maintained anymore but there are async transports for official elasticsearch-py. Do you suggest not send |
Yes, I do. There indeed could be semantical difference since no body means
vs
|
So, current fix is right :) and CURL has a bug (regarding POST without an entity). |
Well, looks good but I like to have explicit test for GET with BODY -- we should support this mode. |
@asvetlov there is one. An original test: Even more, I added the comment |
This test doesn't perform actual call. |
Myabe just add |
Please no, only with functional test I could sleep safe and quiet :) |
ohhh. I forgot about this PR. Will fix tests in nearest time. |
Ping |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGFM
@socketpair @asvetlov |
Only specific tests are missing (@asvetlov asks me to write them). I'm in Dubai now (Gitex), so I can't work on it. Beside this, everything is ready and coulud be merged. |
I just have rebased, no code change. |
Ok |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a [new issue] for related bugs. |
What do these changes do?
Are there changes in behavior for the user?
Related issue number
Checklist
CONTRIBUTORS.txt
changes
folder<issue_id>.<type>
for example (588.bug)issue_id
change it to the pr id after creating the pr.feature
: Signifying a new feature..bugfix
: Signifying a bug fix..doc
: Signifying a documentation improvement..removal
: Signifying a deprecation or removal of public API..misc
: A ticket has been closed, but it is not of interest to users.