Always wrap wsgi.input with LimitedLengthFile, even when using the ContinueHook. Also always use ContinueHook when there is Expect: 100-Continue, even if the server is supposed to be HTTP/1.0 (because the client wouldn't know the server version when it sends the request; curl notable stalls waiting for a continue)

1 files changed, 8 insertions, 9 deletions

diff --git a/paste/httpserver.py b/paste/httpserver.py
index 7865fce..cd21713 100755
--- a/paste/httpserver.py
+++ b/paste/httpserver.py
@@ -186,16 +186,15 @@ class WSGIHandlerMixin:
         (server_name, server_port) = self.server.server_address[:2]
 
         rfile = self.rfile
-        if 'HTTP/1.1' == self.protocol_version and \
-                '100-continue' == self.headers.get('Expect','').lower():
-            rfile = ContinueHook(rfile, self.wfile.write)
+        # We can put in the protection to keep from over-reading the
+        # file
+        try:
+            content_length = int(self.headers.get('Content-Length', '0'))
+        except ValueError:
+            content_length = 0
+        if '100-continue' == self.headers.get('Expect','').lower():
+            rfile = LimitedLengthFile(ContinueHook(rfile, self.wfile.write), content_length)
         else:
-            # We can put in the protection to keep from over-reading the
-            # file
-            try:
-                content_length = int(self.headers.get('Content-Length', '0'))
-            except ValueError:
-                content_length = 0
             if not hasattr(self.connection, 'get_context'):
                 # @@: LimitedLengthFile is currently broken in connection
                 # with SSL (sporatic errors that are diffcult to trace, but