fix: reject multipart ranges before validation

[shblue21]

Motivation

ServeDir / ServeFile do not support multipart range responses, but they still validate multipart Range headers before later rejecting them with 416 Range Not Satisfiable.

That means requests that are guaranteed to be rejected still pay the cost of validate(file_size) first. In practice, this includes the pairwise overlap checks done during range validation.

Solution

Reject multipart ranges before calling validate(file_size).

This change keeps the fix small by only updating serve_dir/open_file.rs:

• parse the range header as before
• if more than one range is present, immediately return an error
• only call validate(file_size) for single-range requests

This reuses the existing Err(_) -> 416 response path and adds a regression test covering a valid multipart range request.

Note: this changes the 416 response body for valid multipart range requests from Cannot serve multipart range requests to empty, since they now fall through the existing generic Err(_) -> 416 path in future.rs.

Refs: #660

[jplatte]

Note: this changes the 416 response body for valid multipart range requests from Cannot serve multipart range requests to empty, since they now fall through the existing generic Err(_) -> 416 path in future.rs.

I think it would make sense to keep the specific error message body. Can you bring it back?

[shblue21]

Thanks. I’ll keep the multipart-specific body so the response stays behavior-preserving. That will require a small future.rs update, and I’ll keep the patch as minimal as possible.

[shblue21]

Added the small future.rs change. Multi-range requests still skip validate(file_size), and the regression test now checks the multipart-specific 416 body.