You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by si...@siberian.org on 2002/08/10 09:09:21 UTC
httpd-2.0.xx and mod_rewrite strips chunky headers?
Hello all-
An interesting problem came up this evening, we have
client software that connects to our apache server and is
then reverse proxy'd to differing backend servers based on
URL patterns using mod_rewrite ( we see the same behavior
using mod_proxy ).
The problem : some of our newer builds are starting to use
Chunked Encoding for various reasons. It appears that when
apache makes the re-request it is stripping out the TE:
and Transfer-Encoding: headers as well as the chunk
length information.This appears very deliberate but I have
no idea what its doing it. Below is a typical example of a
captured session ( grabbed via tcpflow between the proxy
and the backend server running on 6208 'tcpflow -c port
6208').
Does anyone know why this is occuring? The clients appear
to be making the request per spec.
I also rolled back to 2.0.35 to test the pre 'Chunked
Encoding' vulnerability and got the same results. I saw a
bug in the database that 'sort of talked' about this sort
of thing but did not seem directly related ( search for
'chunk' and 'proxy' or 'rewrite' if I remember correctly )
Does anyone have any ideas?
Thanks
John Armstrong
--------------------------------------
- Rewrite Rule handling this request -
--------------------------------------
RewriteRule ^/pmcserver(.*)$
http://128.241.116.14:6208/pmcserver$1 [proxy]
--------------------
- ORIGINAL REQUEST -
--------------------
POST /pmcserver/GetServerTime/ HTTP/1.1
Host: pre.printme.com:443
User-Agent: Mozilla/4.0 (compatible)
Proxy-Connection: close
Connection: close
Accept: */*
Content-Type: application/octet-stream
TE: chunked
Accept-Encoding: deflate
Content-Encoding: deflate
Transfer-Encoding: chunked
Cache-Control: no-cache, no-transform, no-store
Pragma: no-cache
X-PrintMe-XML-Length: 579
Via: 1.1 128.241.116.8 (Alteon iSD-SSL/2.0)
X-SSL: decrypted=true, ciphers="TLSv1/SSLv3 RC4-SHA"
177
x.uR.n.0...+P.....W.#....J.H{.Rp.j...>....#.J>..........5xs...~...h....u.7......j+/D.+y..?.M..'?@...}......oD..........D.D3...
D[Kco..?Ow...!..y.U........f...`A.......9....9xbuc..=..y0p.....|o.....G.......]y....*?."......;Hh8..s.....il.p.88.P...T.........f.2*]..-+X..!y...(M
...b9..."5J.........f*U.#.+......4.(V...K.c.b..O.U.Q.....#.Rcp...D..3.0.6o
l9_..vS..0d.6D.)..W|.o...
0
--------------------
- PROXY REQUEST -
--------------------
POST /pmcserver/GetServerTime/ HTTP/1.1
Host: 128.241.116.14:6208
User-Agent: Mozilla/4.0 (compatible)
Accept: */*
Content-Type: application/octet-stream
Accept-Encoding: deflate
Content-Encoding: deflate
Cache-Control: no-cache, no-transform, no-store
Pragma: no-cache
X-PrintMe-XML-Length: 579
Via: 1.1 128.241.116.8 (Alteon iSD-SSL/2.0), 1.1
pre.printme.com:443
X-SSL: decrypted=true, ciphers="TLSv1/SSLv3 RC4-SHA"
Max-Forwards: 10
Connection: close
X-Forwarded-For: 10.10.99.83
X-Forwarded-Host: pre.printme.com:443
X-Forwarded-Server: pre.printme.com
x.uR.n.0...+P.....W.#....J.H{.Rp.j...>....#.J>..........5xs...~...h....u.7......j+/D.+y..?.M..'?@...}......oD..........D.D3...
D[Kco..?Ow...!..y.U........f...`A.......9....9xbuc..=..y0p.....|o.....G.......]y....*?."......;Hh8..s.....il.p.88.P...T.........f.2*]..-+X..!y...(M
...b9..."5J.........f*U.#.+......4.(V...K.c.b..O.U.Q.....#.Rcp...D..3.0.6o
l9_..vS..0d.6D.)..W|.o...
HTTP/1.1 411 Length Required
Content-type: text/plain
Connection: close
Content-Length: 0
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org