>The IPP WG would really like clarification on this point: Is the intent of
>the HTTP/1.1 spec to say that an HTTP/1.1 server MAY reject any request
>without a defined Content-Length? This would imply that a conformant
>HTTP/1.1 server MAY reject any request with the "chunked" transfer-coding.
Yes. A conformant HTTP/1.1 server MAY reject any request for any reason,
just one of them being 411 Length Required. There would be no reason to
define 411 if it could never be used by a conformant server. The wording
in the spec is poor -- it should have said that an HTTP/1.1 application
is required to understand the "chunked" transfer-coding, not accept it,
since it is referring to message parsing and not the response status.
Why is this necessary? Because an Internet protocol cannot require a
server to accept denial of service attacks.