Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3

[bdraco]

What do these changes do?

Transfer-Encoding and Content-Length will be removed from the server response when sending a 1xx (Informational), 204 (No Content), or 304 (Not Modified) status since no body is expected for these status codes

• Content-Length forbidden on 1xx/204 per https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.2 and discouraged on 304 per https://datatracker.ietf.org/doc/html/rfc7232#section-4.1

We need to ensure Content-Length is kept for HEAD to ensure keep-alive works as expected and is allowed per https://datatracker.ietf.org/doc/html/rfc2616#section-14.13

• Transfer-Encoding removed per https://datatracker.ietf.org/doc/html/rfc9112#section-6.1

any recipient on the response chain (including the origin server) can remove transfer codings when they are not needed.

aiohttp would incorrectly send an body of 0\r\n\r\n when chunked was set for Transfer-Encoding with the above status code.

This change ensures aiohttp does not send these invalid bodies.

Are there changes in behavior for the user?

The Transfer-Encoding and Content-Length headers will be removed when sending a 1xx (Informational), 204 (No Content), or 304 (Not Modified) except for HEAD responses since these status since no body is expected for these status codes.

An invalid body of 0\r\n\r\n will no longer be sent with these status codes.

Related issue number

Checklist

• I think the code is well written
• Unit tests for the changes exist
• Documentation reflects the changes
• If you provide code modification, please add yourself to CONTRIBUTORS.txt
  • The format is <Name> <Surname>.
  • Please keep alphabetical order, the file is sorted by names.
• Add a new news fragment into the CHANGES folder
  • name it <issue_id>.<type> for example (588.bugfix)
  • if you don't have an issue_id change it to the pr id after creating the pr
  • ensure type is one of the following:
    • .feature: Signifying a new feature.
    • .bugfix: Signifying a bug fix.
    • .doc: Signifying a documentation improvement.
    • .removal: Signifying a deprecation or removal of public API.
    • .misc: A ticket has been closed, but it is not of interest to users.
  • Make sure to use full sentences with correct case and punctuation, for example: "Fix issue with non-ascii contents in doctest text files."

TODO:

• figure out why client closes connection on HEAD requests with content length
• figure out why client functional tests fail with AIOHTTP_NO_EXTENSIONS=1 test_keepalive_after_empty_body_status and test_keepalive_after_empty_body_status_stream_response -- They do not fail anymore after the fixed in Fix py http parser not treating 204/304/1xx as an empty body #7755
• timeline
• more functional testing

[codecov]

Codecov Report

Merging #7756 (8eebfe1) into master (af2bb1e) will increase coverage by 0.01%.
The diff coverage is 98.52%.

@@            Coverage Diff             @@
##           master    #7756      +/-   ##
==========================================
+ Coverage   97.36%   97.38%   +0.01%     
==========================================
  Files         106      106              
  Lines       31813    32000     +187     
  Branches     3639     3652      +13     
==========================================
+ Hits        30975    31162     +187     
  Misses        633      633              
  Partials      205      205              

Flag	Coverage Δ
CI-GHA	97.30% <98.52%> (+0.01%)	⬆️
OS-Linux	96.97% <98.52%> (+0.01%)	⬆️
OS-Windows	95.46% <98.52%> (+0.02%)	⬆️
OS-macOS	96.63% <98.52%> (+0.01%)	⬆️
Py-3.10.11	95.39% <98.52%> (+0.02%)	⬆️
Py-3.10.13	96.84% <98.52%> (+0.01%)	⬆️
Py-3.11.6	96.51% <98.52%> (+0.02%)	⬆️
Py-3.12.0	?
Py-3.8.10	95.35% <98.52%> (+0.02%)	⬆️
Py-3.8.18	96.76% <98.52%> (+0.01%)	⬆️
Py-3.9.13	95.35% <98.52%> (+0.02%)	⬆️
Py-3.9.18	96.79% <98.52%> (+0.01%)	⬆️
Py-pypy7.3.11	96.22% <98.52%> (+0.03%)	⬆️
VM-macos	96.63% <98.52%> (+0.01%)	⬆️
VM-ubuntu	96.97% <98.52%> (+0.01%)	⬆️
VM-windows	95.46% <98.52%> (+0.02%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
aiohttp/helpers.py	95.69% <100.00%> (+0.03%)	⬆️
aiohttp/web_fileresponse.py	99.28% <100.00%> (ø)
tests/test_client_functional.py	98.50% <100.00%> (+0.06%)	⬆️
tests/test_helpers.py	99.07% <100.00%> (+0.03%)	⬆️
tests/test_web_functional.py	98.06% <100.00%> (+0.01%)	⬆️
tests/test_web_response.py	99.50% <100.00%> (+0.02%)	⬆️
aiohttp/web_response.py	97.72% <86.36%> (-0.19%)	⬇️

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[Dreamsorcerer]

Thanks for digging into this, I didn't realise from the original issue that it was a response from aiohttp that was causing the problem.

[bdraco]

Probably could use a test to check the raw body from a 304 with chunked pass through as well for the proxy case so it doesn't accidentally add the bad body

[bdraco]

Need to figure out how I regressed

tests/test_client_functional.py::test_bad_payload_chunked_encoding[pyloop]

[bdraco]

So it looks like if writer.enable_chunking() isn't called which is now the case for HEAD it won't keep the connection alive...

need to figure that out later though as out of time

[bdraco]

Which also means we need keep-alive tests for 304/204/1xx

[bdraco]

There is still another issue here because in Response we also force content length "0" when content length is missing and the body is empty. This is probably for clients that don't handle implicit empty body well. We might need to do that in StreamResponse as well. Also the rfc for http 1.0 says content length 0 is invalid ... but in practice it might be better to keep it as is as I expect many clients actually rely on that from experience

Also there doesn't appear to be adequate coverage for validating how things behave with StreamResponse vs Response as well so might need to add that first and than back track and fix any discrepancies

Will need to reconcile that before addressing review comments

[Dreamsorcerer]

There is still another issue here because in Response we also force content length "0" when content length is missing and the body is empty. This is probably for clients that don't handle implicit empty body well.

I think that is needed for the client to know where the message ends. The only exception where it would be acceptable to have no content-length header is when the body must be empty (or chunked is being used):
https://www.rfc-editor.org/rfc/rfc9110#section-8.6-5

Also the rfc for http 1.0 says content length 0 is invalid

It says "Any Content-Length greater than or equal to zero is a valid value."

[bdraco]

It says "Any Content-Length greater than or equal to zero is a valid value."

Right on, I mentally dropped the equal when I read that

[patchback]

Backport to 3.9: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply f63cf18 on top of patchback/backports/3.9/f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25/pr-7756

Backporting merged PR #7756 into master

1. Ensure you have a local repo clone of your fork. Unless you cloned it
   from the upstream, this would be your origin remote.
2. Make sure you have an upstream repo added as a remote too. In these
   instructions you'll refer to it by the name upstream. If you don't
   have it, here's how you can add it:

   $ git remote add upstream https://github.com/aio-libs/aiohttp.git

3. Ensure you have the latest copy of upstream and prepare a branch
   that will hold the backported code:

   $ git fetch upstream
   $ git checkout -b patchback/backports/3.9/f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25/pr-7756 upstream/3.9

4. Now, cherry-pick PR Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3 #7756 contents into that branch:

   $ git cherry-pick -x f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25

   If it'll yell at you with something like fatal: Commit f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25 is a merge but no -m option was given., add -m 1 as follows instead:

   $ git cherry-pick -m1 -x f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25

5. At this point, you'll probably encounter some merge conflicts. You must
   resolve them in to preserve the patch from PR Ensure empty body response for 1xx/204/304 per RFC 9112 sec 6.3 #7756 as close to the
   original as possible.
6. Push this branch to your fork on GitHub:

   $ git push origin patchback/backports/3.9/f63cf18fec3e8e6608c7fe7bff9f46a0976f6c25/pr-7756

7. Create a PR, ensure that the CI is green. If it's not — update it so that
   the tests and any other checks pass. This is it!
   Now relax and wait for the maintainers to process your pull request
   when they have some cycles to do reviews. Don't worry — they'll tell you if
   any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

[bdraco]

I'll get the backport done shortly

[bdraco]

Thanks @Dreamsorcerer