-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Content-Length header set to 0 in GET requests for LNURL-auth #393
Comments
…s. Currently unsure if this fix should be applied here, or if we should instead petition for a change within Ktor, which would solve the issue more broadly.
I investigated this, and confirmed that the Ktor library does indeed send "Content-Length: 0" for GET requests. I also figured out how to remove it. But removing that header wasn't easy or straight-forward. One has to use a custom plugin, and understand the internals of Ktor. In other words, it's basically undocumented.
I think this confirms that Ktor shouldn't be sending that header (at least not when However "SHOULD NOT" is not the same as "MUST NOT". So if we follow the robustness principle:
then we'd probably conclude that:
I think you already submitted an issue to NextJS ? And I submitted an issue to Ktor: KTOR-6508 |
yes, that makes sense, we fixed it on our side by removing the
Looks like we did not! That was an oversight on our part. Will create one now Update: Other people already reported similar problems and in a comment, someone mentioned this |
Hi, we've noticed that Phoenix sets the
Content-Length
header to 0 for the GET request to the LNURL-auth callback.According to the HTTP spec, GET requests from user agents SHOULD NOT include the
Content-Length
header:-- https://www.rfc-editor.org/rfc/rfc9110#field.content-length
See stackernews/stacker.news#407 for more details.
The text was updated successfully, but these errors were encountered: