As described at http://dotnetjunkies.com/WebLog/afontes/archive/2004/10/15/28726.aspx
motion headers cause HTTP protocol violation when using DOT.NET
The HTTP header keys for example shoud specifically not include any spaces in their names. However, some web servers do not fully respect standards they’re meant to.
Applications running on the Dotnet framework and making heavy use of http requests usually use the “httpWebRequest” class, which encapsulates everything a web oriented developer could dream of. With all the recently issues related to security, the “httpWebRequest” class provides a self protection mechanism preventing it to accept HTTP answers which not fully qualify to the specifications.
The common case is having a space in the ‘content-length’ header key. The server actually returns a “content length” key, which, assuming no spaces are allowed, is considered as an attack vector (HTTP response split attack), thus, triggering a “HTTP protocol violation error” exception.
WebRequest request = WebRequest.Create("http://192.168.0.1:8081");
WebResponse response = request.GetResponse();
| Motion version:
| ffmpeg version:
| Shared libraries:
|| curl, xmlrpc, ffmpeg, mysql, postgresql
| Server OS:
|| Fedora Core 3
- 02 May 2005
I do not understand the issue. And I cannot reproduce the issue because that requires that I learn .net programming first and I have no intention to spend time on that.
What exactly is wrong with the headers? I see no spaces in the header names. I see "-". What do you propose changed?
This is the relevant code
fprintf(new->fwrite, "HTTP/1.1 200 OK\n");
fprintf(new->fwrite, "Server: Motion/"VERSION"\n");
fprintf(new->fwrite, "Connection: close\n");
fprintf(new->fwrite, "Max-Age: 0\n");
fprintf(new->fwrite, "Expires: 0\n");
fprintf(new->fwrite, "Cache-Control: no-cache\n");
fprintf(new->fwrite, "Cache-Control: private\n");
fprintf(new->fwrite, "Pragma: no-cache\n");
fprintf(new->fwrite, "Content-type: multipart/x-mixed-replace;boundary=BoundaryString\n");
and the small header
fprintf(list->fwrite, "Content-type: image/jpeg\n");
fprintf(list->fwrite, "Content-Length: %ld\n\n", list->tmpfile->size-1);
- 02 May 2005
OK, I will work with the motion source I have and find out why System.net classes in .NET are complaining and let you know my findings
- 03 May 2005
HTTP Headers mustbe \r\n, see my bug report with correct webcam.c
- 05 May 2005
This patch fixes the bug
- 06 May 2005
Fixed in http://www.lavrsen.dk/twiki/bin/view/Motion/MotionRelease3x2x1snap16
- 08 May 2005