Module

_fast_h1

Fast HTTP/1.1 parser for the sync worker — replaces h11 on the hot path.

Parses request lines and headers directly from bytes using split/index operations (~3 µs vs ~22 µs for h11) while enforcing the same safety checks that matter for real-world deployment:

  • Method validation (rejects malformed method tokens per RFC 9110)
  • Header size limit (prevents memory exhaustion)
  • Null byte / control character injection in targets and header names
  • Duplicate Content-Length detection (request smuggling vector)
  • Content-Length + Transfer-Encoding conflict (RFC 7230 §3.3.3)
  • Negative or non-numeric Content-Length rejection
  • Chunked Transfer-Encoding detection (returns flag so caller can handle)

Not a full HTTP parser — does not handle:

  • Chunked body decoding (caller must handle or reject)
  • Obs-fold header continuation lines (obsolete since RFC 7230)
  • Trailer headers
1Function

Functions

parse_request 4 tuple[RequestReceived | …
Parse an HTTP request from a buffer.
def parse_request(buf: memoryview, length: int, *, max_headers: int = 100, max_header_size: int = _MAX_HEADER_SIZE) -> tuple[RequestReceived | None, bytes, int, bool]
Parameters
Name Type Description
buf memoryview
length int
max_headers int Default:100
max_header_size int Default:_MAX_HEADER_SIZE
Returns
tuple[RequestReceived | None, bytes, int, bool]