net/http: ignore response body when forbidden by status code - go - Fork of Go programming language with my patches.

diff options

author	Ben Burkert <ben@benburkert.com>	2017-10-19 10:29:23 -0700
committer	Tom Bergan <tombergan@google.com>	2017-10-19 23:34:02 +0000
commit	2da8a16cbcd5fc6fc04e1fd8a157cfa21f6d18bc (patch)
tree	af051e8911e1ae77b950bc7437f509f4721934cd /src/cmd/trace
parent	b0680b474cd07f35ce8ca6ff210dc25bff453cd9 (diff)
download	go-2da8a16cbcd5fc6fc04e1fd8a157cfa21f6d18bc.tar.xz

net/http: ignore response body when forbidden by status code

A 1XX, 204, or 304 response may not include a response body according to RFC 7230, section 3.3.3. If a buggy server returns a 204 or 304 response with a body that is chunked encoded, the invalid body is currently made readable in the Response. This can lead to data races due to the transport connection's read loop which does not wait for the body EOF when the response status is 204 or 304. The correct behavior is to ignore the body on a 204 or 304 response, and treat the body data as the beginning of the next request on the connection. Updates #22330. Change-Id: I89a457ceb783b6f66136d5bf9be0a9b0a04fa955 Reviewed-on: https://go-review.googlesource.com/71910 Reviewed-by: Tom Bergan <tombergan@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Tom Bergan <tombergan@google.com>

Diffstat (limited to 'src/cmd/trace')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: