Module

_fast_h1

Fast HTTP/1.1 parser for the sync worker — replaces h11 on the hot path.

Parses request lines and headers directly from bytes using split/index operations (~3 µs vs ~22 µs for h11) while enforcing the same safety checks that matter for real-world deployment:

  • Method validation (rejects unknown methods)
  • Header size limit (prevents memory exhaustion)
  • Null byte / control character injection in targets and header names
  • Duplicate Content-Length detection (request smuggling vector)
  • Content-Length + Transfer-Encoding conflict (RFC 7230 §3.3.3)
  • Negative or non-numeric Content-Length rejection
  • Chunked Transfer-Encoding detection (returns flag so caller can handle)

Not a full HTTP parser — does not handle:

  • Chunked body decoding (caller must handle or reject)
  • Obs-fold header continuation lines (obsolete since RFC 7230)
  • Trailer headers
1Class1Function

Classes

ParseError 0
Raised when the request is malformed and the connection should close.

Raised when the request is malformed and the connection should close.

Functions

parse_request 2 tuple[RequestReceived | …
Parse an HTTP request from a buffer.
def parse_request(buf: memoryview, length: int) -> tuple[RequestReceived | None, bytes, int, bool]
Parameters
Name Type Description
buf memoryview
length int
Returns
tuple[RequestReceived | None, bytes, int, bool]