Lighttpd

Hei hei,

when debugging some old web applications here I came across a behaviour of lighttpd which bothers me a litte or let's says motivates me to some curious question.

I have some piece of buggy software here creating a wrong HTTP request, wrong in that way, it has no CRLF line endings as defined in RFC 2616 [1] for HTTP/1.1 but only LF. The RFC states in section 19.3:

The line terminator for message-header fields is the sequence CRLF.
However, we recommend that applications, when parsing such headers,
recognize a single LF as a line terminator and ignore the leading CR.

It seems lighttpd simply ignores such broken requests, silently (Apache 1.3.x accepts these btw). I had a look in the code of lighttpd 1.4.29 and I guess the code responsible is in file request.c line 333 to 542, isn't it? If yes, lighttpd always looks for \r first so lines without \r aka CR are not recognized as lines.

Now my questions: is this intentionally and if yes, why? If no: should I file a bug or feature request on this? And if no: what do you think how long would it take to develope a reliable »fix« for this?

(Yes, I should consider fixing the old buggy software creating the wrong requests, but this is not as easy as it may seem. O:-) )

thanks & greets
Alex

[1] https://tools.ietf.org/html/rfc2616#section-19.3