You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Jeremy Laidman <Je...@cit.act.edu.au> on 1997/02/03 05:10:00 UTC
mod_proxy/150: Proxy fails on incorrect status line format (more info on PR137)
>Number: 150
>Category: mod_proxy
>Synopsis: Proxy fails on incorrect status line format (more info on PR137)
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: gnats-admin (GNATS administrator)
>State: open
>Class: change-request
>Submitter-Id: apache
>Arrival-Date: Sun Feb 2 20:10:00 1997
>Originator: Jeremy.Laidman@cit.act.edu.au
>Organization:
apache
>Release: 1.2b4
>Environment:
Linux 2.0.14.
>Description:
Problem PR137 described a problem when connecting to the url
http://www.stockmaster.com/cgi-bin/graph?sym=intc
The server at stockmaster.com (Apache 1.1.1) is returning
a status code of 302 to indicate a temporarily moved page.
Unfortunately, the status line is not HTTP/1.x compliant
and does not have a Reason-Phrase. It returns
HTTP/1.0 302
instead of
HTTP/1.0 302 Moved Temporarily
The proxy module performs a checkmask using the mask of
"HTTP/#.# ### *" which will only match when there is at
least a space following the status code. In this case
there isn't a space so no headers are recognised (and
the response is treated as HTTP/0.9), thus the proxy
module starts inserting its own headers. The original
headers then appear in the body and a "Location:" header
is not processed by the client so no redirection is
performed as was intended by the broken page.
>How-To-Repeat:
Access the url through the proxy module:
http://www.stockmaster.com/cgi-bin/graph?sym=intc
>Fix:
1) Have the remote site fix their page.
2) The Apache proxy module can be more forgiving in its checkmask
call, using a mask of "HTTP/#.# ###*" instead of "HTTP/#.# ### *"
(modules/proxy/proxy_http.c, line 268).
3) Recognise a 1.x status line in a bad format, and display an
appropriate message (eg 502 Bad Gateway).
%0
>Audit-Trail:
>Unformatted: