Gergo Tisza wrote:
On Thu, Jun 19, 2014 at 6:27 AM, Bartosz DziewoĆski matma.rex@gmail.com wrote:
I'm reasonably sure that the HTTP and HTTPS protocols are smart enough to recognize "cut off" requests, and that any servers whatsoever are smart enough to implement this behavior.
Actually not. multipart/form-data POST requests have an end marker, but application/x-www-form-urlencoded requests have not - they use the same param1=foo¶m2=bar format GET URLs do, there is no way to tell if that is cut off. Lower-level protocols will deal with issues like lost packets or network disconnection, but if the body of the request is truncated because of an error in the sending HTTP library, like using a buffer that is too small, there is no way the server could detect that.
Thanks for sharing this. It's interesting to read.
Though I believe the server, or at least MediaWiki's application logic on the server, does indeed provide a means of detecting a truncated parameter value:
https://www.mediawiki.org/w/api.php?action=help&modules=edit
-- md5 - The MD5 hash of the text parameter, or the prependtext and appendtext parameters concatenated. If set, the edit won't be done unless the hash is correct --
I suppose you'd need to make sure the "md5" parameter made it to the Web server before the truncated text parameter... bah. :-)
MZMcBride