Menu

#78 Ajax POST requests to NaviServer/4.99.13 fail.

Bug
closed
gustafn
None
5
2016-11-12
2016-11-11
Anthony Bennett
No

The post request fails due to a content-header issue. Force the content header to "application/x-www-form-urlencoded" to work around the problem.

var x = new XMLHttpRequest();
var url = "http://mydomain"
x.open("POST", url);
x.setRequestHeader("content-type", "application/x-www-form-urlencoded");
x.onreadystatechange = function() {
  console.log(x.status);
  console.log(x.statusText);
  console.log(x.readyState);
  console.log(x.responseText);
  console.log(x.resposneXML);
  console.log(x.getAllResponseHeaders());
};

x.send("a=123&b=456&c=789");

Discussion

  • gustafn

    gustafn - 2016-11-12

    This report refers probably to a bug-fix in 4.99.11 (see NEWS file); in earlier versions of naviserver, the content parser for www-form-urlencoded content was applied to ALL POST content of post requests, leading to potentatial memory bloats (when e.g. large binary content was transmitted via POST), strange results (when the content was e.g. json encoded) and in some cases to crashes (potentially invalid UTF8). Therefore, the parsing for url-encoded content is now only performed, when requested by the client via the content type.

    Below are two test scripts based on the submitted report to show the behavior in detail.

    Please feel free to reopen the issue, in case i misunderstood the issue.

    bug78-client.tcl

    #
# Sender of POST requests.
#
set url "[ns_conn proto]://localhost:[ns_config -int [ns_driversection] port]/bug78.tcl"

ns_return 200 text/html [subst {<html>
    <script type='text/javascript'>
    function xhr(contentType) {
    var x = new XMLHttpRequest();
    x.open("POST", "$url");
    if (contentType != null) {
        x.setRequestHeader("content-type", contentType);
    }
    x.onreadystatechange = function() {
        console.log(x.status);
        console.log(x.statusText);
        console.log(x.readyState);
        console.log(x.responseText);
        console.log(x.getAllResponseHeaders());
        document.getElementById('result').innerHTML =
        'Reply results:\\n' 

        + x.status + ' ' + x.statusText + ' ' + x.readyState + '\\n\\n' 
        + x.getAllResponseHeaders() + x.responseText;
    };

    x.send("a=123&b=456&c=789");
    };
    </script>
    <body>
    <h1>Bug 78</h1>
    <pre>
    url: $url
    </pre>
    <ul>
    <li><a href='#' onclick='xhr("application/x-www-form-urlencoded");'>start XMLHttpRequest with content type</a>
    <li><a href='#' onclick='xhr();'>start XMLHttpRequest with no content type</a>
    </ul>
    <pre id='result'></div>
    </pre>
}]

    bug78.tcl

    #
# Reveiver of the POST request
#
set _ ""; foreach {att value} [ns_set array [ns_conn headers]] {append _ "$att: $value\n"}
ns_return 200 text/plain [subst {
===========================================
Request headers:
$_
Raw content: [ns_getcontent -as_file false]
Form ns_set: [ns_getform] 
Form ns_set content: [ns_set array [ns_getform]]

driver: [ns_conn driver]
Files: [ns_conn files]
===========================================
}]
     

  • gustafn

    gustafn - 2016-11-12
    • status: open --> closed
    • assigned_to: gustafn
     

Log in to post a comment.

MongoDB Logo MongoDB