optimize CL/TE check;

replace the heavyhanded connection:close added in b4fddbc3d with a comparison of content-length to num bytes consumed this approach also covers incorrectly configured servers where the reverseproxy was not detected also adds explicit TE/CL handling, even though most (all?) reverseproxies already prevent such issues also adds explicit sanchk of up2k chunk-receiver, in case any bugs are ever added there
2026-04-02 22:08:38 +10:00 · 2026-01-30 20:06:02 +00:00
parent 73d06eaf84
commit ed6a8d5a73
3 changed files with 43 additions and 3 deletions
--- a/copyparty/httpconn.py
+++ b/copyparty/httpconn.py
@@ -222,6 +222,21 @@ class HttpConn(object):
            if not self.cli.run():
                return

+            if self.sr.te == 1:
+                self.log("closing socket (leftover TE)", "90")
+                return
+
+            if (
+                "content-length" in self.cli.headers
+                and int(self.cli.headers["content-length"]) != self.sr.nb
+            ):
+                self.log("closing socket (CL mismatch)", "90")
+                return
+
+            # note: proxies reject PUT sans Content-Length; illegal for HTTP/1.1
+
+            self.sr.nb = self.sr.te = 0
+
            if self.u2idx:
                self.hsrv.put_u2idx(str(self.addr), self.u2idx)
                self.u2idx = None