fastcgi: check for CONTENT_LENGTH when sending requests#6661
Conversation
|
So we just throw |
|
php-fpm doesn't support streaming chunked requests. That's the thing. Golang fastcgi supports streaming chunked requests, but does anyone use that with caddy? |
|
https://bz.apache.org/bugzilla/show_bug.cgi?id=57087 looks like Apache fixed their fpm support with buffering |
|
Are there any updates on this (or the other patch for the issue)? Seeing these PRs just lying around for a month is pretty discouraging when this is essentially a DoS that seems to affect a lot of people |
The patch only been up for 3 weeks, and it's under review. We've been releasing 2.9.0 betas. You can build Caddy with this patch using xcaddy. |
mholt
left a comment
There was a problem hiding this comment.
Thanks Weidi. I like the more conservative approach. Maybe in the future we can figure out how to fix it with buffering to disk, but for now, this will do. :) Really appreciate it!
Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
…6661) * fastcgi: check for CONTENT_LENGTH when sending requests * order imports * use strconv.ParseUint instead of strconv.ParseInt Co-authored-by: Kévin Dunglas <kevin@dunglas.fr> --------- Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
For #6637, I think previous pr is a bit too ambitious. Requests buffering is hard to do right without considering a multitude of factors. This patch only requires
CONTENT_LENGTHto be set for fastcgi requests.