chore: report 400 for http2/3 request without content-length header

apache · Feb 23, 2024 · 69ef089 · 69ef089
1 parent e184acf
commit 69ef089
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 11 deletions.
diff --git a/apisix/core/request.lua b/apisix/core/request.lua
@@ -282,17 +282,14 @@ function _M.get_body(max_size, ctx)
         end
     end
 
-    -- TODO: solve this issue correctly.
-    local var = ctx and ctx.var or ngx.var
-    local content_length = tonumber(var.http_content_length) or 0
-    if (var.server_protocol == "HTTP/2.0" or var.server_protocol == "HTTP/3.0")
-        and content_length == 0 then
-        -- Due to the stream processing feature of HTTP/2 or HTTP/3,
-        -- this api could potentially block the entire request. Therefore,
-        -- this api is effective only when HTTP/2 or HTTP/3 requests send content-length header.
-        -- For requests with versions lower than HTTP/2, this api can still be used without
-        --- any problems.
-        return nil
+    -- check content-length header for http2/http3
+    do
+        local var = ctx and ctx.var or ngx.var
+        local content_length = tonumber(var.http_content_length)
+        if (var.server_protocol == "HTTP/2.0" or var.server_protocol == "HTTP/3.0")
+            and not content_length then
+            return nil, "HTTP2/HTTP3 request without a Content-Length header"
+        end
     end
     req_read_body()
 

diff --git a/t/plugin/azure-functions.t b/t/plugin/azure-functions.t
@@ -189,6 +189,8 @@ X-Extra-Header: MUST
 --- http2
 --- request
 GET /azure
+--- more_headers
+Content-Length: 0
 --- response_body
 faas invoked
 
@@ -208,6 +210,8 @@ server: APISIX/2.10.2
 --- http2
 --- request
 HEAD /azure
+--- more_headers
+Content-Length: 0
 --- response_headers
 Connection:
 Upgrade:
@@ -456,3 +460,51 @@ invocation /api/http/trigger successful
     }
 --- response_body
 invocation /api successful
+
+
+
+=== TEST 14: create route with azure-function plugin enabled
+--- config
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+
+            local code, body = t('/apisix/admin/routes/1',
+                 ngx.HTTP_PUT,
+                 [[{
+                        "plugins": {
+                            "azure-functions": {
+                                "function_uri": "http://localhost:8765/httptrigger"
+                            }
+                        },
+                        "upstream": {
+                            "nodes": {
+                                "127.0.0.1:1982": 1
+                            },
+                            "type": "roundrobin"
+                        },
+                        "uri": "/azure"
+                }]]
+                )
+
+            if code >= 300 then
+                ngx.status = code
+                ngx.say("fail")
+                return
+            end
+
+            ngx.say(body)
+        }
+    }
+--- response_body
+passed
+
+
+
+=== TEST 15: http2 failed to check response body and headers
+--- http2
+--- request
+GET /azure
+--- error_code: 400
+--- error_log
+HTTP2/HTTP3 request without a Content-Length header,