You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HTTPHeaders.updateContentLength(_:) overrides the “Content-Length” value provided in the response headers with the size of the body (0) in contravention of RFC9110.
Vapor version
4.92.3
Operating system and version
14.4.1
Swift version
Swift Package Manager - Swift 5.10.0-dev
Steps to reproduce
Perform a HEAD request for a resource with a non-zero content length
Set the "Content-Length" header of the 200 response with the size of the resource in bytes
Observe the response includes the header content-length: 0 instead of the expected non-zero value.
Outcome
Vapor responses to HEAD requests do not behave according to the RFC and the required functionality from non-zero Content-Length headers in HEAD responses cannot be achieved.
A server MAY send a Content-Length header field in a response to a HEAD request (Section 9.3.2); a server MUST NOT send Content-Length in such a response unless its field value equals the decimal number of octets that would have been sent in the content of a response if the same request had used the GET method.
HTTPHeaders.updateContentLength(_:) overrides the “Content-Length” value provided in the response headers with the size of the body (0) in contravention of RFC9110.
This prevents HEAD responses from behaving correctly.
#2749 may be an existing report of the same issue, with an incomplete (?) fix available #3147
The text was updated successfully, but these errors were encountered:
The workaround from #3084 of adding the header value after creating the response works, but is non-obvious and should not be necessary to be compliant with the RFC.
Describe the issue
HTTPHeaders.updateContentLength(_:)
overrides the “Content-Length” value provided in the response headers with the size of the body (0) in contravention of RFC9110.Vapor version
4.92.3
Operating system and version
14.4.1
Swift version
Swift Package Manager - Swift 5.10.0-dev
Steps to reproduce
content-length: 0
instead of the expected non-zero value.Outcome
Vapor responses to HEAD requests do not behave according to the RFC and the required functionality from non-zero Content-Length headers in HEAD responses cannot be achieved.
Additional notes
In https://www.rfc-editor.org/rfc/rfc9110.html#section-9.3.2 the statement
which is in agreement with https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6-6
HTTPHeaders.updateContentLength(_:)
overrides the “Content-Length” value provided in the response headers with the size of the body (0) in contravention of RFC9110.This prevents HEAD responses from behaving correctly.
#2749 may be an existing report of the same issue, with an incomplete (?) fix available #3147
The text was updated successfully, but these errors were encountered: