PSA: a bug in Hyper makes GET requests after POST fail

[golddranks]

hyperium/hyper#309 This bug causes quite strange behaviour, and the fix seems not to be released yet:

A POST login page that returns a 303 (a good practice) may cause the following request fail, because Hyper doesn't read the previous request to the end unless it's needed, and when it reads the next request using a keep-alive connection, the body of the previous request gets read as garbage in the front.

The workaround is to read the body manually in the request, for example, by calling request.form().

Maybe pencil could release a workaround fix that reads the request bodies to the end (or, if there's a huge amount of data, drops the connection), until the bug in Hyper is fixed? For example, there's a middleware for Iron that already does that: https://crates.io/crates/iron-drain Maybe pencil should do that also.

[seanmonstar]

The possibly safer thing for the middlware to do is to set Connection: close on the response if the request is not going to be read to the end. The danger in draining is if the request payload is super huge, gigabytes of data, and a middleware blindly just keeps reading. It could perhaps also drain up to a limit, before deciding the connection just needs to die.