-1

The Question:

Client asks for:

Range:bytes=0-

Server responds with:

Content-Length:8396748
Content-Range:bytes 0-8396747/8396748

I want to limit that Content-Range to 1MB chunks so the server would respond like this:

Content-Length:1000000
Content-Range:bytes 0-999999/8396748

How can I make Apache/2.2.22 do this?

Regarding "What are you trying to accomplish?":

It is desirable if for (one of many) examples a user returns to an HTML5 video with auto play, pauses the video and is only interested in responding to a comment on the same page. In this example it would be unnecessarily costly to transfer the whole 128GB (current YouTube max) when the user only consumes a few MB.

Regarding "Is that valid rfc7233?":

  • One of the 4 Authors of rfc7233 said it's valid and that

    the protocol anticipates that the server might not send the same range[s] as requested

  • It works in Firefox and Chrome.
  • Not supporting it would break resuming an interrupted download.
Community
  • 1
user1133275
  • 219
  • 1
  • 11
  • If you check the "mitigation" section of CVE-2011-somethingorother (xrange dos) there's some instructions for messing with your range headers using apache env variables or something? Try reading https://httpd.apache.org/security/CVE-2011-3192.txt – Some Linux Nerd May 06 '15 at 21:41
  • @some that's number of ranges not range size and regex can't help as it was not designed to count. – user1133275 May 07 '15 at 00:39
  • 2
    What are you trying to accomplish? There's no obvious good reason to do this at all. – Michael Hampton May 07 '15 at 01:03
  • @user1133275 Why are you trying to request the entire entity bytes then ? How is it better than a standard request in your case since the entire content is requested and available ? – Xavier Lucas May 07 '15 at 12:40
  • You need to read RFC 7233 very carefully. The client request shown here does not permit the server to "select the chunk size it prefers"; it actually requests the entire resource. – Michael Hampton May 07 '15 at 13:39
  • Again, **you need to read and understand the RFC in its entirety**. But the tiny part mentioned here is: "If the last-byte-pos value is absent, or if the value is greater than or equal to the current length of the representation data, the byte range is interpreted as the remainder of the representation (i.e., the server replaces the value of last-byte-pos with a value that is one less than the current length of the selected representation)." – Michael Hampton May 07 '15 at 15:39
  • Providing a different byte-range server-side than what's requested doesn't comply with RFC 7233 : *"The 206 (Partial Content) status code indicates that the server is successfully fulfilling a range request for the target resource by transferring one or more parts of the selected representation that correspond to the satisfiable ranges found in the request's Range header field"*. – Xavier Lucas May 07 '15 at 15:50
  • *"If all of the preconditions are true, the server supports the Range header field for the target resource, and the specified range(s) are invalid or unsatisfiable, the server SHOULD send a 416 (Range Not Satisfiable) response."* – Xavier Lucas May 07 '15 at 15:51
  • I did not miss anything; you did not understand it. For the third time, go read the RFC carefully. – Michael Hampton May 07 '15 at 15:56
  • @MichaelHampton I have clarified the question somewhat please let me know if you still think it deserves a down vote. – user1133275 May 09 '15 at 00:10
  • @XavierLucas, I have updated the question please update your response. – user1133275 May 11 '15 at 20:03

1 Answers1

0

Apache has not implemented this feature yet.

I write my own implementation in php., works nicely and is only about 20 lines.

One could use any language though (module/php/perl/python/etc).

user1133275
  • 219
  • 1
  • 11