Requesting a URL breaks when the content-length header contains trailing whitespace

[amugofjava]

Hi,

Issue #49305 introduced additional validation to the content-length header field to ensure it only contains valid digits; however, in practice some web servers seem to right-pad the content-length value with spaces. Attempting to fetch a URL that contains white space fails with a HttpException: Content-Length must contain only digits exception.

Could the content-length field be trimmed before applying the validation or the RegExp altered to handle this white space?

The code below shows two URLs; one fails and the other is successful. The failed URL has additional white space.

import 'dart:io';

void main() async {
  final client = HttpClient();

  final goodRequest = await client.openUrl('GET', Uri.parse('http://httpstat.us/302'))
    ..followRedirects = false;

  final badRequest = await client.openUrl('GET', Uri.parse('http://mp3s.nashownotes.com/pc20rss.xml'))
    ..followRedirects = false;

  final goodResponse = await goodRequest.close();

  print(goodResponse.headers.toString());

  final badResponse = await badRequest.close();

  /// Never gets here due to trailing spaces in content-length header
  print(badResponse.headers.toString());
}

The successful URL has no white space in the content-length field:

The failing URL has white-space padding:

• Dart SDK Version: 2.19.2

[mraleph]

It does seem that changes in #49305 was slightly too strict. RFC 2616 says the following in 4.2 Message Headers:

 message-header = field-name ":" [ field-value ]
  field-name     = token
  field-value    = *( field-content | LWS )
  field-content  = <the OCTETs making up the field-value
                   and consisting of either *TEXT or combinations
                   of token, separators, and quoted-string>

The field-content does not include any leading or trailing LWS:
linear white space occurring before the first non-whitespace
character of the field-value or after the last non-whitespace
character of the field-value. Such leading or trailing LWS MAY be
removed without changing the semantics of the field value. Any LWS
that occurs between field-content MAY be replaced with a single SP
before interpreting the field value or forwarding the message
downstream.

This effectively means that padding Content-Length with white space as reported here should be totally fine.

/cc @brianquinlan

[brianquinlan]

This will be fixed in Dart 3.2.0.