* src/ne_request.c (ne_begin_request): Ignore the "identity"

transfer-coding since "privoxy" apparently sends it.  Fail for unknown
transfer-codings.

* test/request.c (te_identity): New test, replacing any_te_header.
(fail_on_invalid): Test for failure with unknown transfer-codings.

* doc/using.xml: Update section on transfer-encoding interpretation.


git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1219 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845

3 files changed, 37 insertions, 24 deletions

diff --git a/doc/using.xml b/doc/using.xml
index e88c9ef..4a3b733 100644
--- a/doc/using.xml
+++ b/doc/using.xml
@@ -94,14 +94,14 @@
         
         <para>There is some confusion in this specification about the
         use of the <quote>identity</quote>
-        <firstterm>transfer-coding</firstterm>.  &neon; treats the
-        presence of <emphasis>any</emphasis>
-        <literal>Transfer-Encoding</literal> response header as an
-        indication that the response message uses the
-        <quote>chunked</quote> transfer-coding.  This was the
-        suggested resolution <ulink
-        url="http://lists.w3.org/Archives/Public/ietf-http-wg-old/2001SepDec/0018.html">proposed
-        by Larry Masinter</ulink>.</para></sect2>
+        <firstterm>transfer-coding</firstterm>.  &neon; ignores the
+        <literal>Transfer-Encoding</literal> response header if it
+        contains only the (now deprecated) <quote>identity</quote>
+        token, and will determine the response message length as if
+        the header was not present.  &neon; will give an error if a
+        response includes a <literal>Transfer-Encoding</literal>
+        header with a value other than <quote>identity</quote> or
+        <quote>chunked</quote>.</para></sect2>
 
         <sect2>
         <title>RFC 2617, HTTP Authentication: Basic and Digest Access Authentication</title>
diff --git a/src/ne_request.c b/src/ne_request.c
index 36aefec..2511ff8 100644
--- a/src/ne_request.c
+++ b/src/ne_request.c
@@ -1224,15 +1224,23 @@ int ne_begin_request(ne_request *req)
      * regardless of what headers are present. */
     if (req->method_is_head || st->code == 204 || st->code == 304) {
     	req->resp.mode = R_NO_BODY;
-    } else if (get_response_header_hv(req, HH_HV_TRANSFER_ENCODING,
-                                      "transfer-encoding")) {
-        /* Treat *any* t-e header as implying a chunked response
-         * regardless of value, per the "Protocol Compliance"
-         * statement in the manual. */
-        req->resp.mode = R_CHUNKED;
-        req->resp.body.chunk.remain = 0;
-    } else if ((value = get_response_header_hv(req, HH_HV_CONTENT_LENGTH,
-                                               "content-length")) != NULL) {
+    }
+    /* Broken intermediaries exist which use "transfer-encoding: identity"
+     * to mean "no transfer-coding".  So that case must be ignored. */
+    else if ((value = get_response_header_hv(req, HH_HV_TRANSFER_ENCODING,
+                                             "transfer-encoding")) != NULL
+             && ne_strcasecmp(value, "identity") != 0) {
+        /* Otherwise, fail iff an unknown transfer-coding is used. */
+        if (ne_strcasecmp(value, "chunked") == 0) {
+            req->resp.mode = R_CHUNKED;
+            req->resp.body.chunk.remain = 0;
+        }
+        else {
+            return aborted(req, _("Unknown transfer-coding in response"), 0);
+        }
+    } 
+    else if ((value = get_response_header_hv(req, HH_HV_CONTENT_LENGTH,
+                                             "content-length")) != NULL) {
         ne_off_t len = ne_strtoff(value, NULL, 10);
         if (len != NE_OFFT_MAX && len >= 0) {
             req->resp.mode = R_CLENGTH;
diff --git a/test/request.c b/test/request.c
index da7931f..257d354 100644
--- a/test/request.c
+++ b/test/request.c
@@ -303,13 +303,15 @@ static int te_header(void)
 			   "\r\n" ABCDE_CHUNKS);
 }
 
-/* test that the presence of *any* t-e header implies a chunked
- * response. */
-static int any_te_header(void)
+static int te_identity(void)
 {
-    return expect_response("abcde", single_serve_string, RESP200
-                           "Transfer-Encoding: punked\r\n" "\r\n"
-                           ABCDE_CHUNKS);
+    /* http://bugzilla.gnome.org/show_bug.cgi?id=310636 says privoxy
+     * uses the "identity" transfer-coding. */
+    return expect_response("abcde", single_serve_string,
+			   RESP200 "Transfer-Encoding: identity\r\n"
+                           "Content-Length: 5\r\n"
+			   "\r\n"
+                           "abcde");
 }
 
 static int chunk_numeric(void)
@@ -1558,6 +1560,9 @@ static int fail_on_invalid(void)
     static const struct {
         const char *resp, *error;
     } ts[] = {
+        /* non-chunked TE. */
+        { RESP200 "transfer-encoding: punked\r\n" "\r\n" ABCDE_CHUNKS ,
+          "Unknown transfer-coding" },
         /* chunk without trailing CRLF */
         { RESP200 TE_CHUNKED "\r\n" "5\r\n" "abcdeFISH", 
           "delimiter was invalid" },
@@ -2042,7 +2047,7 @@ ne_test tests[] = {
     T(no_headers),
     T(chunks),
     T(te_header),
-    T(any_te_header),
+    T(te_identity),
     T(reason_phrase),
     T(chunk_numeric),
     T(chunk_extensions),