You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2020/10/15 14:46:47 UTC
[Bug 64816] New: Headers 'If-Modified-Since' header causes 400 in
8.5.58
https://bz.apache.org/bugzilla/show_bug.cgi?id=64816
Bug ID: 64816
Summary: Headers 'If-Modified-Since' header causes 400 in
8.5.58
Product: Tomcat 8
Version: 8.5.58
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: nityasantosh@gmail.com
Target Milestone: ----
Created attachment 37503
--> https://bz.apache.org/bugzilla/attachment.cgi?id=37503&action=edit
Has screenshots where we have 400 errors and 200 success
In the Tomcat 8.5.58 change log we have this - 'Improve the validation of
entity tags provided with conditional requests. Requests with headers that
contain invalid entity tags will be rejected with a 400 response code. Improve
the matching algorithm used to compare entity tags in conditional requests with
the entity tag for the requested resource. Based on a pull request by Sergey
Ponomarev. (markt)'.
We believe this update is causing 400 error in Chrome when caching is enabled
and requests which have 'If-None-Match' and 'If-Modified-Since' headers. When
caching is disabled using Developer tools 400 errors are gone.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64816] Headers 'If-Modified-Since' header causes 400 in 8.5.58
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64816
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WORKSFORME
--- Comment #2 from Mark Thomas <ma...@apache.org> ---
This works for me without any problems which is what I would expect since the
provided header values are valid.
You might want to use the users list to explore what is going on here.
If you still see this issue then please provide the simplest possible test case
that reproduces this issue with the latest 8.5.x release (or 9.0.x or 10.0.x).
For the error described it should be possible to recreate this with just a HTTP
request to the default Tomcat install so the test case would look something
like:
Make this request:
GET /tomcat.css HTTP/1.1
Host: localhost:8080
If-Modified-Since: Wed, 07 Oct 2020 01:31:56 GMT
If-None-Match: W/"10912-1602034316000"
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64816] Headers 'If-Modified-Since' header causes 400 in 8.5.58
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64816
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WORKSFORME
Status|REOPENED |RESOLVED
--- Comment #4 from Michael Osipov <mi...@apache.org> ---
(In reply to nityasantosh from comment #3)
> After further investigation we figured out that the new header value
> validation doesn't consider HTML escaped header values are correct.
>
> The below request fails with 400.
>
> GET /tomcat.css HTTP/1.1
> Host: localhost:8080
> If-Modified-Since: Wed, 07 Oct 2020 01:31:56 GMT
> If-None-Match: W/"10912-1602034316000"
HTTP is not HTML. The given input is invalid.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64816] Headers 'If-Modified-Since' header causes 400 in 8.5.58
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64816
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
To save others having to work through a 80KB zip archive for a few bytes, the
headers in question are:
If-Modified-Since: Wed, 07 Oct 2020 01:31:56 GMT
If-None-Match: W/"10912-1602034316000"
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 64816] Headers 'If-Modified-Since' header causes 400 in 8.5.58
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=64816
nityasantosh@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|WORKSFORME |---
Status|RESOLVED |REOPENED
--- Comment #3 from nityasantosh@gmail.com ---
After further investigation we figured out that the new header value validation
doesn't consider HTML escaped header values are correct.
The below request fails with 400.
GET /tomcat.css HTTP/1.1
Host: localhost:8080
If-Modified-Since: Wed, 07 Oct 2020 01:31:56 GMT
If-None-Match: W/"10912-1602034316000"
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org