The code in
BaseHTTPServer.BaseHTTPRequestHandler.parse_request says
try:
version_number =
float(version.split('/', 1)[1])
except ValueError:
self.send_error(400, "Bad request
version (%s)" % `version`)
return False
if version_number >= 1.1 and
self.protocol_version >= "HTTP/1.1":
self.close_connection = 0
if version_number >= 2.0:
self.send_error(505,
"Invalid HTTP Version
(%f)" % version_number)
This does not agree with the HTTP/1.1 spec which states
Note that the major and minor numbers MUST be treated
as separate
integers and that each MAY be incremented higher than a
single
digit. Thus, HTTP/2.4 is a lower version than
HTTP/2.13, which in turn
is lower than HTTP/12.3. Leading zeros MUST be ignored
by recipients
and MUST NOT be sent.
I also noticed there were errors if the version string
was "HTTP/1.2.3" or even simply "BLAH". I've fixed
them so they don't give tracebacks.
Finally, if there is an error in the parsing, it calls
the 'send_error'
method, which does a check if 'self.command' is a HEAD.
However,
if there's an error parsing the first line of the HTTP
request the
self.command wasn't yet set, so I forced self.command
to initialized to None before doing anything which can
yield an error.
Patch is attached.
|