commit 1acbef181d4675565c76b313d3cc14a5f0302703
author Maxim Dounin <mdounin@mdounin.ru> Mon Jun 28 18:01:06 2021 +0300
committer Maxim Dounin <mdounin@mdounin.ru> Mon Jun 28 18:01:06 2021 +0300
tree bd21103b535e3375e2e91aa789d1dd8aa0d13f4e
parent 12790af93730924f04993d25bd232a5ff6a58d76

Disabled requests with both Content-Length and Transfer-Encoding.

HTTP clients are not allowed to generate such requests since Transfer-Encoding
introduction in RFC 2068, and they are not expected to appear in practice
except in attempts to perform a request smuggling attack.  While handling of
such requests is strictly defined, the most secure approach seems to reject
them.