Compliance: reply with 400 (Bad Request) if request header is too big. Reply with a standard 400 (Bad Request) instead of 601 (Unknown) status in case of an ERR_TOO_BIG error. HTTP does not have a dedicated code for the too-big header error. There is 414 (Request-URI Too Long), but Squid does not distinguish too-large headers from too-large URIs. Co-Advisor test case: test_case/rfc2616/longUri-65536 === modified file 'src/HttpStatusCode.h' --- src/HttpStatusCode.h 2010-01-01 21:16:57 +0000 +++ src/HttpStatusCode.h 2010-08-27 17:51:17 +0000 @@ -36,24 +36,26 @@ typedef enum { HTTP_CONFLICT = 409, HTTP_GONE = 410, HTTP_LENGTH_REQUIRED = 411, HTTP_PRECONDITION_FAILED = 412, HTTP_REQUEST_ENTITY_TOO_LARGE = 413, HTTP_REQUEST_URI_TOO_LARGE = 414, HTTP_UNSUPPORTED_MEDIA_TYPE = 415, HTTP_REQUESTED_RANGE_NOT_SATISFIABLE = 416, HTTP_EXPECTATION_FAILED = 417, HTTP_UNPROCESSABLE_ENTITY = 422, /**< RFC2518 section 10.3 */ HTTP_LOCKED = 423, /**< RFC2518 section 10.4 */ HTTP_FAILED_DEPENDENCY = 424, /**< RFC2518 section 10.5 */ HTTP_INTERNAL_SERVER_ERROR = 500, HTTP_NOT_IMPLEMENTED = 501, HTTP_BAD_GATEWAY = 502, HTTP_SERVICE_UNAVAILABLE = 503, HTTP_GATEWAY_TIMEOUT = 504, HTTP_HTTP_VERSION_NOT_SUPPORTED = 505, HTTP_INSUFFICIENT_STORAGE = 507, /**< RFC2518 section 10.6 */ HTTP_INVALID_HEADER = 600, /**< Squid header parsing error */ - HTTP_HEADER_TOO_LARGE = 601 /* Header too large to process */ + HTTP_HEADER_TOO_LARGE = 601 /**< Header too large to process. Used + internally only, replying to client + with HTTP_BAD_REQUEST instead. */ } http_status; #endif /* _SQUID_SRC_HTTP_STATUSCODE_H */ === modified file 'src/client_side.cc' --- src/client_side.cc 2010-08-24 04:18:51 +0000 +++ src/client_side.cc 2010-08-27 17:47:19 +0000 @@ -2390,41 +2390,41 @@ clientProcessRequest(ConnStateData *conn { ClientHttpRequest *http = context->http; HttpRequest *request = NULL; bool notedUseOfBuffer = false; bool tePresent = false; bool deChunked = false; bool mustReplyToOptions = false; bool unsupportedTe = false; /* We have an initial client stream in place should it be needed */ /* setup our private context */ context->registerWithConn(); if (context->flags.parsed_ok == 0) { clientStreamNode *node = context->getClientReplyContext(); debugs(33, 1, "clientProcessRequest: Invalid Request"); clientReplyContext *repContext = dynamic_cast(node->data.getRaw()); assert (repContext); switch (hp->request_parse_status) { case HTTP_HEADER_TOO_LARGE: - repContext->setReplyToError(ERR_TOO_BIG, HTTP_HEADER_TOO_LARGE, method, http->uri, conn->peer, NULL, conn->in.buf, NULL); + repContext->setReplyToError(ERR_TOO_BIG, HTTP_BAD_REQUEST, method, http->uri, conn->peer, NULL, conn->in.buf, NULL); break; case HTTP_METHOD_NOT_ALLOWED: repContext->setReplyToError(ERR_UNSUP_REQ, HTTP_METHOD_NOT_ALLOWED, method, http->uri, conn->peer, NULL, conn->in.buf, NULL); break; default: repContext->setReplyToError(ERR_INVALID_REQ, HTTP_BAD_REQUEST, method, http->uri, conn->peer, NULL, conn->in.buf, NULL); } assert(context->http->out.offset == 0); context->pullData(); conn->flags.readMoreRequests = false; goto finish; } if ((request = HttpRequest::CreateFromUrlAndMethod(http->uri, method)) == NULL) { clientStreamNode *node = context->getClientReplyContext(); debugs(33, 5, "Invalid URL: " << http->uri); clientReplyContext *repContext = dynamic_cast(node->data.getRaw()); assert (repContext); repContext->setReplyToError(ERR_INVALID_URL, HTTP_BAD_REQUEST, method, http->uri, conn->peer, NULL, NULL, NULL); assert(context->http->out.offset == 0);