On 2014-06-19, 7:55 PM, Tyler Romeo wrote:
On Thu, Jun 19, 2014 at 9:23 PM, Brian Wolff bawolff@gmail.com wrote:
What about the content-length header? I believe that's included with POST requests even when using application/x-www-form-urlencoded form.
I suggest people in this thread read section 4.4 of RFC 2616.
There is no situation in which an HTTP request can be "cut off" such that part of the query goes missing. Assuming you are using a compliant web server, the Content-Length header is basically required for request bodies (unless you're doing chunked encoding or something).
Try right now submitting a POST request without a Content-Length header to Wikipedia. It results in a 400. Additionally, if you send an incorrect header, it will either wait until timeout if it's too long or give 400 if it's too short.
Like Daniel said, the only situation that is possible is some sort of buffer issue, where there is a client-side application logic error that causes the incorrect request to be sent. But this is not really MediaWiki's problem, and client's should be using the Content-MD5 header (or whatever the bastardized MediaWiki version is, since MW doesn't actually support HTTP) if they really want to ensure data integrity.
A) Issues like this result in a simple content tweak to end up erasing the latter part of an article, it may not be a problem "in" MediaWiki, but it still something that affects us and something for us to document to API users. B) If we even have anything similar to Content-MD5 (I don't remember seeing anything) it's optional and the clients most likely to have a buffer bugs like that are going to be the ones that don't use it. C) Even if a client used something like Content-MD5 it wouldn't really help, if a client has a buffer issue like we're talking about then there's a good chance that the corruption exists in the same buffer that the hash is based on so the hash itself will be incorrect.
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://danielfriesen.name/]