The Fix
Upgrade to version 0.17.2 or later.
Based on closed Kludex/uvicorn issue #1345 · PR/commit linked
Production note: Most teams hit this during upgrades or environment changes. Roll out with a canary and smoke critical endpoints (health, OpenAPI/docs) before 100%.
@@ -1,5 +1,13 @@
# Change Log
+## 0.17.2 - 2022-02-03
+
+### Fixed
repro.py
"Invalid HTTP request received."
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/http/httptools_impl.py", line 132, in data_received
self.parser.feed_data(data)
File "httptools/parser/parser.pyx", line 212, in httptools.parser.parser.HttpParser.feed_data
httptools.parser.errors.HttpParserInvalidMethodError: Invalid method encountered
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
fix.md
Option A — Upgrade to fixed release\nUpgrade to version 0.17.2 or later.\nWhen NOT to use: This fix should not be applied if the application requires the changes introduced in PR #1332.\n\n
Why This Fix Works in Production
- Trigger: return request('post', url, data=data, json=json, **kwargs)
- Mechanism: The connection issues were caused by changes in the HTTP parser handling large POST requests
- Why the fix works: Release 0.17.2 reverts changes that caused connection issues with large POST requests. (first fixed release: 0.17.2).
Production impact:
- If left unfixed, the same config can fail only in production (env differences), causing startup failures or partial feature outages.
Why This Breaks in Prod
- Shows up under Python 3.10 in real deployments (not just unit tests).
- The connection issues were caused by changes in the HTTP parser handling large POST requests
- Surfaces as: File "/usr/local/lib/python3.10/site-packages/requests/api.py", line 117, in post
Proof / Evidence
- GitHub issue: #1345
- Fix PR: https://github.com/encode/uvicorn/pull/1356
- First fixed release: 0.17.2
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.43
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“Now resolved in 0.17.2 - https://github.com/encode/uvicorn/pull/1356”
“The solution I propose is to revert both. PRs were created: - https://github.com/encode/uvicorn/pull/1354 - https://github.com/encode/uvicorn/pull/1355 (branch on top of the above) Both memory leak and…”
“I had the same issue with PATCH too and it wasn't consecutive PATCH/POST requests only, there were consecutive GET and OPTIONS requests between these invalid…”
“I can also confirm that this issue occurs for uvicorn=0.17.1. Tried to add the Expect: 100-continue header per @smeinecke's suggestion, but that did not resolve…”
Failure Signature (Search String)
- return request('post', url, data=data, json=json, **kwargs)
Error Message
Stack trace
error.txt
Error Message
-------------
File "/usr/local/lib/python3.10/site-packages/requests/api.py", line 117, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 529, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/sessions.py", line 645, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.10/site-packages/requests/adapters.py", line 501, in send
raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
Stack trace
error.txt
Error Message
-------------
"Invalid HTTP request received."
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/http/httptools_impl.py", line 132, in data_received
self.parser.feed_data(data)
File "httptools/parser/parser.pyx", line 212, in httptools.parser.parser.HttpParser.feed_data
httptools.parser.errors.HttpParserInvalidMethodError: Invalid method encountered
Minimal Reproduction
repro.py
"Invalid HTTP request received."
Traceback (most recent call last):
File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/http/httptools_impl.py", line 132, in data_received
self.parser.feed_data(data)
File "httptools/parser/parser.pyx", line 212, in httptools.parser.parser.HttpParser.feed_data
httptools.parser.errors.HttpParserInvalidMethodError: Invalid method encountered
Environment
- Python: 3.10
What Broke
Consecutive POST requests resulted in connection errors and invalid HTTP method logs.
Why It Broke
The connection issues were caused by changes in the HTTP parser handling large POST requests
Fix Options (Details)
Option A — Upgrade to fixed release Safe default (recommended)
Upgrade to version 0.17.2 or later.
When NOT to use: This fix should not be applied if the application requires the changes introduced in PR #1332.
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Option D — Guard side-effects with OnceOnly Guardrail for side-effects
Mitigate duplicate external side-effects under retries/timeouts/agent loops by gating the operation before calling external systems.
- Place OnceOnly between your code/agent and real side-effects (Stripe, emails, CRM, APIs).
- Use a stable key per side-effect (e.g., customer_id + action + idempotency_key).
- Fail-safe: configure fail-open vs fail-closed based on blast radius and spend risk.
Show example snippet (optional)
onceonly.py
from onceonly import OnceOnly
import os
once = OnceOnly(api_key=os.environ["ONCEONLY_API_KEY"], fail_open=True)
# Stable idempotency key per real side-effect.
# Use a request id / job id / webhook delivery id / Stripe event id, etc.
event_id = "evt_..." # replace
key = f"stripe:webhook:{event_id}"
res = once.check_lock(key=key, ttl=3600)
if res.duplicate:
return {"status": "already_processed"}
# Safe to execute the side-effect exactly once.
handle_event(event_id)
When NOT to use: Do not use this to hide logic bugs or data corruption. Use it to block duplicate external side-effects and enforce tool permissions/spend caps.
Fix reference: https://github.com/encode/uvicorn/pull/1356
First fixed release: 0.17.2
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- This fix should not be applied if the application requires the changes introduced in PR #1332.
- Do not use this to hide logic bugs or data corruption. Use it to block duplicate external side-effects and enforce tool permissions/spend caps.
Verify Fix
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Track RSS + object counts after deployments; alert on monotonic growth and GC pressure.
- Add a long-running test that repeats the failing call path and asserts stable memory.
Version Compatibility Table
| Version | Status |
|---|---|
| 0.17.2 | Fixed |
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.