https://bz.apache.org/bugzilla/show_bug.cgi?id=64240
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
--- Comment #17 from Mark Thomas <ma...@apache.org> ---
There is a regression in 8.5.51 (and probably 9.0.31, 7.0.100 and 10.0.0-M1)
that means HTTP 0.9 requests of the form "GET /CRLF" are not processed
correctly. The root cause is the improved CRLF parsing for headers. The CRLF on
the request line is not fully parsed so the LF gets passed to the header
parsing that then waits for more data. This is why the 20s timeout is observed
with 8.5.51.
With 8.5.53 things are better but there is still an edge case. "GET / LF" which
is either a malformed but allowable HTTP 0.9 request or an illegal HTTP /1.1
request (Tomcat opts for HTTP 0.9) may fail if the request line is split across
multiple packets (which you may see when testing depending on the testing tools
you use).
I'm working on a fix for this edge case.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
