Opened 3 years ago

Last modified 13 months ago

#4451 new defect

Accept-Encoding parsing

Reported by: mnot Owned by:
Priority: normal Component: avformat
Version: git-master Keywords: http
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

http.c parses the Accept-Encoding response header like this:

"""
if (!av_strcasecmp(tag, "Accept-Ranges") &&

!strncmp(p, "bytes", 5) &&
s->seekable == -1) {

h->is_streamed = 0;

} else if (!av_strcasecmp(tag, "Transfer-Encoding") &&

"""

This means that if the string "bytes" shows up in the header at all, it will match -- making it error-prone if a range using that sequence of characters is ever defined (e.g., "newbytes" as recently proposed on the HTTP WG mailing list).

The syntax isn't difficult to parse, it's a comma-separated list of tokens with optional whitespace (the same as several other headers):

http://httpwg.github.io/specs/rfc7233.html#header.accept-ranges

(found by Rodger Combs on the IETF HTTP WG mailing list)

Change History (2)

comment:1 Changed 3 years ago by 11rcombs

Correction: the existing implementation matches if the first 5 characters are "bytes", which means it wouldn't be compatible with a server that lists multiple allowed range units without starting with "bytes".

comment:2 Changed 13 months ago by cehoyos

  • Component changed from undetermined to avformat
  • Keywords http added
  • Version changed from unspecified to git-master
Note: See TracTickets for help on using tickets.