diff --git a/ironic_inspector/main.py b/ironic_inspector/main.py index c7e8a5c22..8dc3f8c48 100644 --- a/ironic_inspector/main.py +++ b/ironic_inspector/main.py @@ -154,7 +154,21 @@ def _generate_empty_response(code): # be included for user friendly response bodies. if code == 204: response = flask.make_response('', code) + # NOTE(TheJulia): Explicitly set a content length to zero. + # as this is the *lesser* of all evils until + # https://github.com/eventlet/eventlet/issues/746 + # is resolved. + response.headers['Content-Length'] = 0 response.mimetype = 'text/plain' + + def _return_headers(cls): + # Dynamically re-maps over get_wsgi_headers() method in + # which werkzueg strips the content-length and sets us up + # for eventlet forcing in a Transfer-Encoding: chunked + # header. + return response.headers + + response.get_wsgi_headers = _return_headers else: # Send an empty dictionary to set a mimetype, and ultimately # with this being a rest API we can, at some point, choose to diff --git a/ironic_inspector/test/unit/test_main.py b/ironic_inspector/test/unit/test_main.py index 60566c5f3..da8fe56d9 100644 --- a/ironic_inspector/test/unit/test_main.py +++ b/ironic_inspector/test/unit/test_main.py @@ -642,6 +642,12 @@ class TestApiRules(BaseAPITest): delete_mock.assert_called_once_with(self.uuid) self.assertEqual('text/plain; charset=utf-8', res.headers['content-type']) + # NOTE(TheJulia): This should be able to be removed once + # https://github.com/eventlet/eventlet/issues/746 + # is resolved and available. This ensures we don't + # send out a content length header out which is the + # less evil of the RFC7230 broken-ness. + self.assertEqual('0', res.headers['Content-Length']) class TestApiMisc(BaseAPITest): diff --git a/releasenotes/notes/handle_eventlet_wsgi_evil_override-3905c6eef0ad7fa3.yaml b/releasenotes/notes/handle_eventlet_wsgi_evil_override-3905c6eef0ad7fa3.yaml new file mode 100644 index 000000000..a356a16bf --- /dev/null +++ b/releasenotes/notes/handle_eventlet_wsgi_evil_override-3905c6eef0ad7fa3.yaml @@ -0,0 +1,19 @@ +--- +issues: + - | + The response headers for empty body HTTP 204 replies, at present, violate + RFC7230. This was not intentional, but underlying libraries also + make inappropriate changes to the headers, which can cause clients to + experience odd failures. This is anticipated to be corrected once an + underlying issue in + `eventlet `_ is resolved. +fixes: + - | + Fixes HTTP responses so the Eventlet library, which is used to support + the operation of the WSGI application, does not incorrectly inject + a ``Transfer-Encoding`` header into the HTTP response, even on HTTP 204 + replies, which is a violation of RFC7230. This header ultimately can + cause varying client reactions which are not expected and can raise + exceptions. For now, this has been remedied via an explicit return of + a ``Content-Length`` header, which is also an RFC7230 violation, but + it appears to be the lesser of known evils at this time.