Issue #5022 has been updated by Felix Jodoin.

File webrick_test_httprequest_case.patch added

Aaron Patterson wrote:
> Can you add a test?
> 
> Also, I'm not sure that this should be an error.  In section 4.1 of RFC 1945, it says that simple requests are OK.  Simple requests do not require an http version:
> 
> Simple-Request  = "GET" SP Request-URI CRLF

Hi, yes, this should not be a 400 bad request at all (I was incorrect in labeling it as a malformed HTTP request) - however, it is still broken without my patch since it returns a 500 instead of passing the request. Rather than erroring when the meta_vars are accessed, it should be prepared for a nil header (as RFC 1945 specifies headers should not exist with an HTTP/0.9 simple request). With my original patch applied, meta_vars will work as intended. 

The attached test case will illustrate this (patches test/webrick/test_httprequest.rb).
----------------------------------------
Bug #5022: WEBrick returns improper response for malformed HTTP Request
http://redmine.ruby-lang.org/issues/5022

Author: Felix Jodoin
Status: Open
Priority: Normal
Assignee: 
Category: 
Target version: 
ruby -v: ruby 1.9.2p180 (2011-02-18 revision 30909) [x86_64-darwin10.7.0]


=begin

When sending an improper HTTP request in the form of:

 GET /\n

(with any valid or invalid HTTP verb), WEBrick returns:

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
 <HTML>
  <HEAD><TITLE>Internal Server Error</TITLE></HEAD>
  <BODY>
    <H1>Internal Server Error</H1>
    undefined method `each' for nil:NilClass
    <HR>
    <ADDRESS>
     WEBrick/1.3.1 (Ruby/1.9.2/2011-02-18) at
     localhost:3000
    </ADDRESS>
  </BODY>
 </HTML>


and then closes the connection, without sending any HTTP status headers or printing a correct '400 Bad Request' error page. This is because the @header variable wasn't set up properly, so @header is nil when a message is passed to it when handling the request. WEBrick's log on the server console will read similar to:

 [2011-07-13 00:49:40] ERROR NoMethodError: undefined method `each' for nil:NilClass
 /Users/x/.rvm/rubies/ruby-1.9.2-p180/lib/ruby/1.9.1/webrick/httprequest.rb:154:in `each'
 /Users/x/.rvm/rubies/ruby-1.9.2-p180/lib/ruby/1.9.1/webrick/httprequest.rb:231:in `meta_vars'
 /Users/x/.rvm/gems/ruby-1.9.2-p180/gems/rack-1.3.0/lib/rack/handler/webrick.rb:34:in `service'
 /Users/x/.rvm/rubies/ruby-1.9.2-p180/lib/ruby/1.9.1/webrick/httpserver.rb:111:in `service'
 /Users/x/.rvm/rubies/ruby-1.9.2-p180/lib/ruby/1.9.1/webrick/httpserver.rb:70:in `run'
 /Users/x/.rvm/rubies/ruby-1.9.2-p180/lib/ruby/1.9.1/webrick/server.rb:183:in `block in start_thread'

(Where line 34 of rack/handler/webrick.rb is a simple `env = req.meta_vars`)

This is reproducible in both 1.8.7 and 1.9.2. 

A simple patch is attached to WEBrick's httprequest.rb that will allow the request to continue processing, fixing the 500 internal server error (and let the app decide how to handle the malformed request). In my testing with rack 1.3.0 & sinatra 1.2.6, this patch allowed the request complete normally.



=end


-- 
http://redmine.ruby-lang.org