It's gems like this that make me love the standards-creation process:
When a Content-Length is given in a message where a message-body is allowed, its field value MUST exactly match the number of OCTETs in the message-body. HTTP/1.1 user agents MUST notify the user when an invalid length is received and detected.
That last sentence is key. The entire quote is the last paragraph of RFC 2616 (Hypertext Transfer Protocol—HTTP/1.1), section 4.4. Oddly, as a user I have yet to encounter an implementation of this RFC that actually fulfilled this MUST-level requirement. Thank God.Posted by bzbarsky at April 30, 2009 1:20 AM