Add tests for empty POST and content-length #4612
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
I have not checked other verbs which semantics imply a content, like PUT, PATCH. If changing this behavior about POST, they should likely be checked too. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #4612 +/- ##
==========================================
- Coverage 92.93% 92.93% -0.01%
==========================================
Files 106 106
Lines 32973 32973
==========================================
- Hits 30645 30644 -1
- Misses 2328 2329 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
mcollina
added a commit
that referenced
this pull request
Oct 5, 2025
This change aligns HTTP/2 behavior with HTTP/1 by ensuring that empty POST requests (and other methods that expect payloads) include a Content-Length: 0 header. According to RFC 9110, a user agent SHOULD send Content-Length in a request when the method defines a meaning for enclosed content, even when the value is 0 (indicating empty content). Previously, HTTP/2 requests would omit the Content-Length header for empty POST requests, while HTTP/1 requests correctly included it. This inconsistency could cause issues with servers like IIS that reject empty POST requests without a Content-Length header (returning 411 Length Required). Changes: - Modified lib/dispatcher/client-h2.js to only omit Content-Length when both contentLength is 0 AND the method doesn't expect a payload - Updated the assertion to allow contentLength === 0 without a body - Updated test to verify Content-Length: 0 is sent for empty POST with H2 - Updated test comments to reflect the corrected behavior Fixes #4594 Ref #4612 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Matteo Collina <[email protected]>
4 tasks
mcollina
added a commit
that referenced
this pull request
Oct 29, 2025
* Add tests for empty POST and content-length * fix: ensure HTTP/2 sends Content-Length for empty POST requests This change aligns HTTP/2 behavior with HTTP/1 by ensuring that empty POST requests (and other methods that expect payloads) include a Content-Length: 0 header. According to RFC 9110, a user agent SHOULD send Content-Length in a request when the method defines a meaning for enclosed content, even when the value is 0 (indicating empty content). Previously, HTTP/2 requests would omit the Content-Length header for empty POST requests, while HTTP/1 requests correctly included it. This inconsistency could cause issues with servers like IIS that reject empty POST requests without a Content-Length header (returning 411 Length Required). Changes: - Modified lib/dispatcher/client-h2.js to only omit Content-Length when both contentLength is 0 AND the method doesn't expect a payload - Updated the assertion to allow contentLength === 0 without a body - Updated test to verify Content-Length: 0 is sent for empty POST with H2 - Updated test comments to reflect the corrected behavior Fixes #4594 Ref #4612 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Matteo Collina <[email protected]> * Update client-h2.js Co-authored-by: Frédéric Delaporte <[email protected]> --------- Signed-off-by: Matteo Collina <[email protected]> Co-authored-by: Frédéric Delaporte <[email protected]> Co-authored-by: Claude <[email protected]>
metcoder95
pushed a commit
that referenced
this pull request
Oct 30, 2025
* Add tests for empty POST and content-length * fix: ensure HTTP/2 sends Content-Length for empty POST requests This change aligns HTTP/2 behavior with HTTP/1 by ensuring that empty POST requests (and other methods that expect payloads) include a Content-Length: 0 header. According to RFC 9110, a user agent SHOULD send Content-Length in a request when the method defines a meaning for enclosed content, even when the value is 0 (indicating empty content). Previously, HTTP/2 requests would omit the Content-Length header for empty POST requests, while HTTP/1 requests correctly included it. This inconsistency could cause issues with servers like IIS that reject empty POST requests without a Content-Length header (returning 411 Length Required). Changes: - Modified lib/dispatcher/client-h2.js to only omit Content-Length when both contentLength is 0 AND the method doesn't expect a payload - Updated the assertion to allow contentLength === 0 without a body - Updated test to verify Content-Length: 0 is sent for empty POST with H2 - Updated test comments to reflect the corrected behavior Fixes #4594 Ref #4612 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]> Signed-off-by: Matteo Collina <[email protected]> * Update client-h2.js Co-authored-by: Frédéric Delaporte <[email protected]> --------- Signed-off-by: Matteo Collina <[email protected]> Co-authored-by: Frédéric Delaporte <[email protected]> Co-authored-by: Claude <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This relates to...
A discrepancy in behavior about empty POST request, when enabling or not enabling H2.
See #4594.
Rationale
This adds two tests:
According to RFC 9110:
So, the behavior of Undici sending a
0Content-Lengthon empty POST request when H2 is not enabled is recommended by the RFC, while its behavior of sending no Content-Length on such requests when H2 is enabled does not match the recommendation. (It is still compliant since that is a "SHOULD", not a "MUST".)Whether this should be changed or not, I do not know. Is there a good reason for this behavior with H2?
For your information, some servers cannot receive empty POST requests without a Content-Length. That is the case of Internet Information Server (IIS), the default web server of Windows OSes. Windows OSes underlying
http.sysrejects such requests with a 411 Length required response.Changes
Add two tests to demonstrate the current behavior of Undici.
Features
N/A
Bug Fixes
N/A
Breaking Changes and Deprecations
None
Status