#3908 new enhancement

Detect invalid HTTP storage server responses early, close request

Reported by: itamarst Owned by:
Priority: normal Milestone: HTTP Storage Protocol v2
Component: unknown Version: n/a
Keywords: Cc:
Launchpad Bug:

Description (last modified by itamarst)

When downloading shares, if the Content-Length/Content?-Range of a response doesn't match requested body length (too short means we were wrong about what server has in terms of length, or server bug, too long means server bug), we should probably just give up early.

This depends on #3907; currently we knowingly send non-matching lengths, so that needs to be fixed first.

It also depends on https://github.com/twisted/treq/issues/347 to make this possible at all. This has been fixed, but requires a 2023 release of Treq.

Implementation: when deliverBody() happens the passed-in protocol gets access to the transport, allowing us to close the connection.

Change History (2)

comment:1 Changed at 2022-07-15T14:33:49Z by itamarst

  • Description modified (diff)

comment:2 Changed at 2023-01-23T14:16:10Z by itamarst

  • Description modified (diff)
  • Milestone changed from HTTP Storage Protocol to HTTP Storage Protocol v2
Note: See TracTickets for help on using tickets.