Set StatusCode before disposing HttpContext (#876)

[mikeharder]

Recommend ignoring whitespace when viewing the diff: https://github.com/aspnet/KestrelHttpServer/pull/993/files?w=0

Addresses #876

@halter73, @CesarBS, @JunTaoLuo

[halter73]

I think this should be called even if _requestAborted is true. This can be the case if the app calls HttpContext.Abort(). Might want to add a test for that.

It will also probably require another finally block because messageBody.Consume(); can throw too.

[mikeharder]

Thanks, I will investigate further. This code was changed recently in 3186e1b.

CC: @CesarBS

[mikeharder]

Currently, if the app calls HttpContext.Abort(), then HttpContext.Response.StatusCode will be 200 when it's disposed (which appears in the logs). I agree this seems wrong. However, if the app aborts the request then no status code is sent to the client, so the status of the request is technically undefined.

What should HttpContext.Response.StatusCode be in this case? We can set it to 500 which is arguably better than 200, but something like null or -1 (property is an int rather than HttpStatusCode) might be more appropriate.

[benaadams]

503? Service Unavailable

[mikeharder]

Perhaps HttpContext.Response.StatusCode should just be ignored in this case, and the logging code should check HttpContext.RequestAborted, and display something other than the status code (e.g. "aborted").

[mikeharder]

@benaadams: I think HttpContext.Response.StatusCode should remain whatever it was before the request was aborted, which is already working with my current changes. This seems like a separate issue of whether logging should differentiate between completed and aborted requests.

[mikeharder]

One edge case currently not handled, is an app which calls HttpContext.Abort() and then throws an exception, which should probably result in HttpContext.Response.StatusCode = 500. We can try to call ProduceEnd() even if the request has been aborted, which will correct set the status code, but I'm not sure if ProduceEnd() assumes the request was not aborted.

[benaadams]

Not changing it to something related to it being aborted might confuse automated log parsing?

[cesarblum]

Check the failures on Travis - you might need to update those tests that failed.

[halter73]

EngineTests.NoResponseSentWhenConnectionIsClosedByServerBeforeClientFinishesSendingRequest seems to be failing because ProduceEnd was moved outside the if block.

[cesarblum]

I'm not sure that's the case. That test calls Abort(), which will close the connection, so anything written after that (the error response written by ProduceEnd() should not be received by the client.

[cesarblum]

This looks a bit awful. An alternative would be to call DisposeContext() is the catch block for BadHttpRequestException (this is addressing what @halter73 pointed out - DisposeContext() won't be called if messageBody.Consume() throws because of a malformed request.

[halter73]

I think we can get rid of the finally above. I've wanted to clean up the control flow of this method for a while. It's not exactly buggy, but i's confusing because it's not immediately clear what we expect can throw.

[halter73]

To be clear, not this finally, but the one after catch { ReportApplicationError }.

[halter73]

My suggestion is that we have a new try immediately after _application.CreateContext(this);. This try block would continue all the way until this finally.

Yes. This means you would have try { try { await _application.ProcessRequestAsync(context).ConfigureAwait(false); } catch { ..., but at least that's easier to follow.

[cesarblum]

Ping.

[mikeharder]

[cesarblum]

Updated. @halter73 I'm setting status code to 0 when the request is aborted and no response has started.

[halter73]

Do you think StopStreams() should go in the finally?

[halter73]

How does this interact with TryProduceInvalidRequestResponse()?

[cesarblum]

I'm thinking I should move await TryProduceInvalidRequestResponse(); inside the check for _requestAborted == 0.

[halter73]

We should have a test for when the app actual reads the request body, and the swallows the exception or doesn't.

[cesarblum]

@halter73 5b03f68 splits request rejection and setting bad request state in Frame, as we dicussed yesterday.

[cesarblum]

I'll add a test that validates that an app can write it's own 400 response if it chooses to handle a BadHttpRequestException.

[halter73]

Shouldn't _requestRejectedException be set in RejectRequest?

[cesarblum]

I think this is the appropriate place to set that. Connection calls SetBadRequestState() when a time out occurs, and that will be picked up by later by TryProduceInvalidRequestResponse(). Besides, _requestRejectedException is state too.

[halter73]

SingleErrorResponseSentWhenAppSwallowsBadRequestException is failed on the last commit on AppVeyor. It was testing this commit where the TCP loopback fast path code was already removed.

[cesarblum]

TestConnection is failing to receive data when the FIN handshake isn't completed and the server sends an RST. My guess is that the shutdown callback is called before the FIN handshake is done, and the RST is sent when we dispose the socket.

It's a weird issue though since the response data was sent by the server (can see it in Message Analyzer), but it looks as if you can't read buffered data if the connection was reset. The problem is probably all the way down in winsock - we've seen a similar issue in the past.

[cesarblum]

The test failure is not related to this PR. Any more feedback?

[halter73]

Add comment that this is for bad request data in the request body (not start line/headers) and SetBadRequestState can't be called later because _application.DisposeContext logs the status code.

[cesarblum]

Added comments.

[halter73]