Bug: Content Length set incorrectly for GET requests

[austince]

trafficstars

The content length is set to 2, even though there is no body. I've tracked this down to the proxy.bodyContent being set to an empty object, which is then translated to "{}". This makes the requests invalid according to the HTTP spec, or so I'm told by a large company that has started rejecting these requests as malformed.

[austince]

Fixed this by setting the parseBody option to false, though I still believe that it should be either:
a) enforced by default
b) empty bodies should be translated to "" instead of {} c) GET requests should automatically override this to ""

[monkpow]

Thanks for this report, I'll look into it.

[webberig]

I started encountering the same problem as soon as I deployed the backend service to Google App Engine. The proxy works fine when everything is running locally on my machine, but requests to the Google cloud platform started returning 400 Bad request errors.

[chalcedonyt]

Thanks for fixing this @brumar

[fs-projects]

Hello Everyone,

I am able to reproduce this issue in express-http-proxy version 1.6.3. My GET requests are blocked by my client due to this exact same issue. This is the exact reason they shared to me stating that the content-length header is having value 2 in your all GET requests which is not a right practice and could be malicious.

For now I have used the workaround as shared above with only difference that in my case that variable is parseReqBody instead of parseBody.

Can someone please tell me if this bug was ever fixed ? Or has it resurfaced again?

[rogeriochaves]

@fs-projects yeah, can confirm, I downgraded to 1.6.2 and it was also not fixed there, I've even tried the PR linked above, but no success. I think it was never fixed