http.get Parse Error, code: ‘HPE_UNEXPECTED_CONTENT_LENGTH’

I have a simple node script to process some data from my home automation API. Everything worked fine till last Node update. Now, with Node version 4.3.0 or 5.6.0, the http module gives me this error:

{ [Error: Parse Error] bytesParsed: 193, code: 'HPE_UNEXPECTED_CONTENT_LENGTH' }

An example of the API call causing the error, it just returns one number (a temperature):

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 5
Content-Type: application/json
Transfer-Encoding: chunked


And a code to reproduce an error:

const http = require("http");
const url = "[11].instances[2].commandClasses[49].data[1].val.value";

http.get(url, (res) => {
    // consume response body
}).on("error", (e) => {

I think that error related to the CVE-2016-2216 Response Splitting Vulnerability, but I tried to run the script with mentioned there –security-revert=CVE-2016-2216 flag and it didn’t help. Any ideas?


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

I found this commit log. The problem seems is Content-Length and Transfer-encoding: chunked headers exist together:

the server is sending
both a Content-Length header and a Transfer-Encoding: chunked
header, which is a violation of the HTTP spec.

Method 2

As said in the previous answer this is node design as per HTTP standards. i got this issue when I was trying to access REST-API (a content disposition call) in my DEV server from my Angular App running in my local machine. API was not adding these headers Content-Length and Transfer Encoding.
The issue resolved when the app was also deployed to Dev server (Angular App and REST API in same server).

From what I understood, Remove one header if both are being added in API
or Try deploying app in Server.

This is a useful link on this issue –

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x