diff options
author | Loïc Hoguin <[email protected]> | 2024-01-09 10:59:40 +0100 |
---|---|---|
committer | Loïc Hoguin <[email protected]> | 2024-01-09 10:59:40 +0100 |
commit | a40bab8fb3491a587c93bedb53404decacfe49dc (patch) | |
tree | 18c66b7a0308b60364747fb2dca8108140b52b22 | |
parent | e4a78aaeb110a3eda5269b618230b8bcb18fbcc2 (diff) | |
download | cowboy-a40bab8fb3491a587c93bedb53404decacfe49dc.tar.gz cowboy-a40bab8fb3491a587c93bedb53404decacfe49dc.tar.bz2 cowboy-a40bab8fb3491a587c93bedb53404decacfe49dc.zip |
Improve the error when trying to send a 204/304 with a body
-rw-r--r-- | src/cowboy_req.erl | 23 | ||||
-rw-r--r-- | test/handlers/resp_h.erl | 4 |
2 files changed, 16 insertions, 11 deletions
diff --git a/src/cowboy_req.erl b/src/cowboy_req.erl index 312862d..68f6bc6 100644 --- a/src/cowboy_req.erl +++ b/src/cowboy_req.erl @@ -813,20 +813,26 @@ reply(Status, Headers, SendFile = {sendfile, _, Len, _}, Req) %% Neither status code must include a response body. (RFC7230 3.3) reply(Status, Headers, Body, Req) when Status =:= 204; Status =:= 304 -> - 0 = iolist_size(Body), - do_reply(Status, Headers, Body, Req); + do_reply_ensure_no_body(Status, Headers, Body, Req); reply(Status = <<"204",_/bits>>, Headers, Body, Req) -> - 0 = iolist_size(Body), - do_reply(Status, Headers, Body, Req); + do_reply_ensure_no_body(Status, Headers, Body, Req); reply(Status = <<"304",_/bits>>, Headers, Body, Req) -> - 0 = iolist_size(Body), - do_reply(Status, Headers, Body, Req); + do_reply_ensure_no_body(Status, Headers, Body, Req); reply(Status, Headers, Body, Req) when is_integer(Status); is_binary(Status) -> do_reply(Status, Headers#{ <<"content-length">> => integer_to_binary(iolist_size(Body)) }, Body, Req). +do_reply_ensure_no_body(Status, Headers, Body, Req) -> + case iolist_size(Body) of + 0 -> + do_reply(Status, Headers, Body, Req); + _ -> + exit({response_error, payload_too_large, + '204 and 304 responses must not include a response body. (RFC7230 3.3)'}) + end. + %% Don't send any body for HEAD responses. While the protocol code is %% supposed to enforce this rule, we prefer to avoid copying too much %% data around if we can avoid it. @@ -851,12 +857,11 @@ stream_reply(_, _, #{has_sent_resp := _}) -> %% 204 and 304 responses must NOT send a body. We therefore %% transform the call to a full response and expect the user %% to NOT call stream_body/3 afterwards. (RFC7230 3.3) -stream_reply(Status = 204, Headers=#{}, Req) -> +stream_reply(Status, Headers=#{}, Req) + when Status =:= 204; Status =:= 304 -> reply(Status, Headers, <<>>, Req); stream_reply(Status = <<"204",_/bits>>, Headers=#{}, Req) -> reply(Status, Headers, <<>>, Req); -stream_reply(Status = 304, Headers=#{}, Req) -> - reply(Status, Headers, <<>>, Req); stream_reply(Status = <<"304",_/bits>>, Headers=#{}, Req) -> reply(Status, Headers, <<>>, Req); stream_reply(Status, Headers=#{}, Req) when is_integer(Status); is_binary(Status) -> diff --git a/test/handlers/resp_h.erl b/test/handlers/resp_h.erl index 8031d0e..735c654 100644 --- a/test/handlers/resp_h.erl +++ b/test/handlers/resp_h.erl @@ -182,10 +182,10 @@ do(<<"reply4">>, Req0, Opts) -> ct_helper:ignore(erlang, iolist_size, 1), cowboy_req:reply(200, #{}, ok, Req0); <<"204body">> -> - ct_helper:ignore(cowboy_req, reply, 4), + ct_helper:ignore(cowboy_req, do_reply_ensure_no_body, 4), cowboy_req:reply(204, #{}, <<"OK">>, Req0); <<"304body">> -> - ct_helper:ignore(cowboy_req, reply, 4), + ct_helper:ignore(cowboy_req, do_reply_ensure_no_body, 4), cowboy_req:reply(304, #{}, <<"OK">>, Req0); Status -> cowboy_req:reply(binary_to_integer(Status), #{}, <<"OK">>, Req0) |