Regarding non-finite response bodies

Björn Wärmedal bjorn.warmedal at gmail.com
Tue Nov 17 08:35:42 GMT 2020

Previous message (by thread): SPOOFED: Regarding non-finite response bodies
Next message (by thread): Regarding non-finite response bodies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> [...] It
> relies upon a presumption about the specification which is poorly
> supported: that all Gemini requests are finite.
> [...]
> Nothing in the specification prohibits Gemini responses from being
> non-finite, and in fact if clients presume this will be the case then
> they'll be easily exploited by servers which simply forward /dev/zero
> into the connection and never terminate, leading to OOM crashes or disk
> space exhaustion.

This is interesting. I'm writing a python lib for handling gemini
requests, to simplify browser development. I just assumed that
responses are finite, and as my code works now a method initiates a
request, receives the response, builds a response object and returns
it to the caller.

If responses can be infinite this will indeed cause OOM errors and
crash, and the caller won't know what hit 'em. Should I be reading the
header and return a response object that contains an open socket
instead of a byte array? Can we assume that browser developers
understand this ambiguity and handle it correctly?

- ew0k

Previous message (by thread): SPOOFED: Regarding non-finite response bodies
Next message (by thread): Regarding non-finite response bodies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list