On Mon, Nov 5, 2012 at 5:06 PM, Lieven Govaerts <lgo_at_mobsol.be> wrote:
> On Mon, Nov 5, 2012 at 1:15 PM, Ivan Zhakov <ivan_at_visualsvn.com> wrote:
>> On Mon, Nov 5, 2012 at 12:11 PM, Branko Čibej <brane_at_wandisco.com> wrote:
>>> On 05.11.2012 00:21, Thomas Åkesson wrote:
>>>> I did some tests with curl --head just as a sanity check. It seems to be a good choice for access control. I primarily wanted to see that HEAD requests were not allowed in situations where GET is not (e.g. when user has access in directories below).
>>>>
>>>> The HEAD requests I performed (minimal curl command) did not cause the server to provide Content-Length when returning "200 OK".
>>>
>>> Which is precisely what I was talking about in my other post. Such HEAD
>>> responses are invalid. If we implement HEAD, we have to do it correctly.
>>>
>> I believe we use chunked responses and I assume they do not require
>> Content-Length header.
>>
>
> Not anymore.
>
> Serf uses chunked encoding for requests if the content length of the
> request body isn't known up front.
> Svn explicitly sets the content length for requests when it is in
> HTTP/1.0 mode, which is the default for a new connection.
> (see the call to serf_bucket_request_set_CL in util.c:678)
>
> So the first request on a connection will always have the content length set:
>
I meant Content-Length response header, not request none. Sorry for confusion.
--
Ivan Zhakov
Received on 2012-11-05 14:47:01 CET