Consider a large HTTP request:
POST /upload HTTP/1.1
Content-Type: multipart/form-data
Content-Length: 1048576
...
The client now begins uploading a megabyte of data, which may take a while. However, the server determines that HTTP authorization is needed, so it decides it will respond with HTTP 401 Unauthorized
.
MUST the server wait until it has received the entire request (IE, headers + CRLF CRLF + Content-Length
bytes) before it can respond?
In practical terms, will such behavior break any browsers? Do browsers continue uploading the file anyway, or will they stop transmitting if they receive a 'premature' response?
More importantly, in this scenario, will they be able to successfully authenticate and begin the upload again (with credentials), or is it unreliable to cut off the upload like this?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…