Limit protocol upgrades to supported protocols #2588
Conversation
|
No, aiohttp supports upgrade to custom protocol IMHO. |
|
I see one main reason is http/2, if server can not upgrade to http/2 it should ignore upgrade header and serve request as a http/1 request. |
|
Though I have plans to add http/2 support to aiohttp |
|
@asvetlov I have the same issue as reported. aiohttp provides blank responses on some sites and it's because of this apparently. #2277 It seems to be related to mod_h2 in apache where the server always responds with Upgrade: h2 even if the client did not request it. Browsers and all other tools we've tested give the response just fine. aiohttp hangs for a bit and errors out based on stream not being readable. Commenting out this line fixes the issue (although it's not a real fix) This condition is also part of the problem, although I'm not sure I understand it. I'm fully aware the proposed fix is missing out on a lot of context ;) Glad to have this conversation. |
|
@fafhrd91 The issue here is really that the server includes the Upgrade: h2 header in the response even if the client does not request it. We actually found several cases of this, all of which were under Apache so far. Chunked response also, which kind of points towards that http_parser.py#L166 line. HTTP2 support would be great! |
|
“upgrade: h2” is standard http/2 upgrade process for clear connection upgrade. Spec states that server should respond with http/1 if it does not understand http/2. So this is actually aiohttp bug |
|
The patch could easily be reversed to use a black list on connection upgrade to h2 instead and still resolve the issue if the whitelist is too restrictive. It could possibly also be resolved higher in the stack. Let me know how I can help. |
|
Fixed on master. |
|
Thanks for taking care of this. For educational purposes, could you identify which commit fixes the issue? It would also help track which release the fix will be in. |
|
Sorry, I've missed concrete commit hash number. The master will be published as aiohttp 3.0 |
|
@lphuberdeau I think it's 79655eb. You can also check the commit in upstream, nodejs/http-parser@05525c5 |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a [new issue] for related bugs. |
What do these changes do?
Fix issue #2277 by limiting connection upgrades to supported protocols. Currently only websocket as h2 and h2c are not supported.
There are no unit tests on this change as all my attempts caused the test to be skipped. Could use some help.
Are there changes in behavior for the user?
Responses will be obtained when the server advertises connection upgrades to http2 without the client requesting it.
Related issue number
#2277
Checklist
CONTRIBUTORS.txtCHANGESfolder<issue_id>.<type>for example (588.bug)issue_idchange it to the pr id after creating the pr.feature: Signifying a new feature..bugfix: Signifying a bug fix..doc: Signifying a documentation improvement..removal: Signifying a deprecation or removal of public API..misc: A ticket has been closed, but it is not of interest to users.