From 0fa584c26e2ba6aec1045f55551b2b1865a9fd96 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sat, 16 Feb 2013 13:07:27 +0100
Subject: HTTPClient: fixed max_bodysize when using keep-alive

---
 inc/HTTPClient.php | 41 ++++++++++++++++++++++++++++-------------
 1 file changed, 28 insertions(+), 13 deletions(-)

(limited to 'inc')

diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index 8cfb86567..e36514286 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -215,6 +215,9 @@ class HTTPClient {
         $this->start  = $this->_time();
         $this->error  = '';
         $this->status = 0;
+        $this->status = 0;
+        $this->resp_body = '';
+        $this->resp_headers = array();
 
         // don't accept gzip if truncated bodies might occur
         if($this->max_bodysize &&
@@ -440,9 +443,31 @@ class HTTPClient {
                         $byte = $this->_readData($socket, 2, 'chunk'); // read trailing \r\n
                     }
                 } while ($chunk_size && !$abort);
-            }elseif($this->max_bodysize){
-                // read just over the max_bodysize
-                $r_body = $this->_readData($socket, $this->max_bodysize+1, 'response', true);
+            }elseif(isset($this->resp_headers['content-length']) && !isset($this->resp_headers['transfer-encoding'])){
+                /* RFC 2616
+                 * If a message is received with both a Transfer-Encoding header field and a Content-Length
+                 * header field, the latter MUST be ignored.
+                 */
+
+                // read up to the content-length or max_bodysize
+                // for keep alive we need to read the whole message to clean up the socket for the next read
+                if(!$this->keep_alive && $this->max_bodysize && $this->max_bodysize < $this->resp_headers['content-length']){
+                    $length = $this->max_bodysize;
+                }else{
+                    $length = $this->resp_headers['content-length'];
+                }
+
+                $r_body = $this->_readData($socket, $length, 'response (content-length limited)', true);
+            }else{
+                // read entire socket
+                $r_size = 0;
+                while (!feof($socket)) {
+                    $r_body .= $this->_readData($socket, 4096, 'response (unlimited)', true);
+                }
+            }
+
+            // recheck body size, we might had to read the whole body, so we abort late or trim here
+            if($this->max_bodysize){
                 if(strlen($r_body) > $this->max_bodysize){
                     if ($this->max_bodysize_abort) {
                         throw new HTTPClientException('Allowed response size exceeded');
@@ -450,16 +475,6 @@ class HTTPClient {
                         $this->error = 'Allowed response size exceeded';
                     }
                 }
-            }elseif(isset($this->resp_headers['content-length']) &&
-                    !isset($this->resp_headers['transfer-encoding'])){
-                // read up to the content-length
-                $r_body = $this->_readData($socket, $this->resp_headers['content-length'], 'response', true);
-            }else{
-                // read entire socket
-                $r_size = 0;
-                while (!feof($socket)) {
-                    $r_body .= $this->_readData($socket, 4096, 'response', true);
-                }
             }
 
         } catch (HTTPClientException $err) {
-- 
cgit v1.2.3