[users@httpd] HTTP 401: Apache strips out response headers

[Marco Pizzoli <ma...@gmail.com>]

Hi all,
I am reverse proxying a backend which returns a http code 401.
I see Apache is stripping out all the http headers returned by the backend
along with the 401 and this is causing trouble to the client application.

Is there a way to get the original http headers to the client?

I can't find any documentation about this. Not even a reference to the fact
Apache is re-writing the answer, but I checked myself and now I am sure of
this behaviour....

Apache currently used for this setup is 2.2. Migration to 2.4 is planned in
the coming motnhs.

Thank you in advance for your help
Marco

Re: [users@httpd] HTTP 401: Apache strips out response headers

[Luca Toscano <to...@gmail.com>]

Hi Marco,

2017-01-10 12:57 GMT-08:00 Marco Pizzoli <ma...@gmail.com>:

> Hi all,
> I am reverse proxying a backend which returns a http code 401.
> I see Apache is stripping out all the http headers returned by the backend
> along with the 401 and this is causing trouble to the client application.
>
> Is there a way to get the original http headers to the client?
>
> I can't find any documentation about this. Not even a reference to the
> fact Apache is re-writing the answer, but I checked myself and now I am
> sure of this behaviour....
>
> Apache currently used for this setup is 2.2. Migration to 2.4 is planned
> in the coming motnhs.
>
>
I tried to reproduce the issue with 2.4.25 (mod_proxy_http connecting to a
python webserver returning a 401 with custom headers) and I got the
expected response without any header stripping. I'll try asap on 2.2 but in
the meantime, can you tell us if you managed to reproduce the problem on a
2.4.x version of httpd? Moreover, if you have a simple script or way to
reproduce your backend (returning 401) please share it with us so we'll be
able to track down the issue quickly.

Thanks!

Luca

Re: [users@httpd] HTTP 401: Apache strips out response headers

[Adam Teale <ad...@believe.tv>]

We are using apache​ 2.4.23

2017-01-11 9:33 GMT-03:00 Adam Teale <ad...@believe.tv>:

> Marco I think I am experiencing this too.
>
> I am using apache to reverse proxy to our app that handles the web sockets
> / chat.
>
> As far as I can tell from mod_dumpio's logging apache returns the correct
> response headers to the client - particularly:
>
>
> [Wed Jan 11 09:31:43.807204 2017] [dumpio:trace7] [pid 8091]
> mod_dumpio.c(100): [remote 192.168.1.136:8001] mod_dumpio:  dumpio_in
> (data-HEAP): HTTP/1.1 101 Switching Protocols\r\nServer:
> AutobahnPython/0.17.1\r\nUpgrade: WebSocket\r\nConnection:
> Upgrade\r\nSec-WebSocket-Accept: 9+mE2HjR58djdFt7E0WxNbqemsM=\r\n\r\n\x81\x10{"accept":
> true}
>
>
> [Wed Jan 11 09:31:43.807235 2017] [dumpio:trace7] [pid 8091]
> mod_dumpio.c(100): [client 127.0.0.1:51749] mod_dumpio:  dumpio_out
> (data-TRANSIENT): HTTP/1.1 101 Switching Protocols\r\nServer:
> AutobahnPython/0.17.1\r\nUpgrade: WebSocket\r\nConnection:
> Upgrade\r\nSec-WebSocket-Accept: 9+mE2HjR58djdFt7E0WxNbqemsM=\r\n\r\n\x81\x10{"accept":
> true}
>
>
>
> However according to Firefox, Safari & Chrome those headers aren't there:
> "Error during WebSocket handshake: 'Upgrade' header is missing"
>
> I'm looking forward to getting to the bottom of this
>
>
>
>
>
> 2017-01-10 17:57 GMT-03:00 Marco Pizzoli <ma...@gmail.com>:
>
>> Hi all,
>> I am reverse proxying a backend which returns a http code 401.
>> I see Apache is stripping out all the http headers returned by the
>> backend along with the 401 and this is causing trouble to the client
>> application.
>>
>> Is there a way to get the original http headers to the client?
>>
>> I can't find any documentation about this. Not even a reference to the
>> fact Apache is re-writing the answer, but I checked myself and now I am
>> sure of this behaviour....
>>
>> Apache currently used for this setup is 2.2. Migration to 2.4 is planned
>> in the coming motnhs.
>>
>> Thank you in advance for your help
>> Marco
>>
>
>

Re: [users@httpd] HTTP 401: Apache strips out response headers

[Adam Teale <ad...@believe.tv>]

Marco I think I am experiencing this too.

I am using apache to reverse proxy to our app that handles the web sockets
/ chat.

As far as I can tell from mod_dumpio's logging apache returns the correct
response headers to the client - particularly:


[Wed Jan 11 09:31:43.807204 2017] [dumpio:trace7] [pid 8091]
mod_dumpio.c(100): [remote 192.168.1.136:8001] mod_dumpio:  dumpio_in
(data-HEAP): HTTP/1.1 101 Switching Protocols\r\nServer:
AutobahnPython/0.17.1\r\nUpgrade: WebSocket\r\nConnection:
Upgrade\r\nSec-WebSocket-Accept:
9+mE2HjR58djdFt7E0WxNbqemsM=\r\n\r\n\x81\x10{"accept": true}


[Wed Jan 11 09:31:43.807235 2017] [dumpio:trace7] [pid 8091]
mod_dumpio.c(100): [client 127.0.0.1:51749] mod_dumpio:  dumpio_out
(data-TRANSIENT): HTTP/1.1 101 Switching Protocols\r\nServer:
AutobahnPython/0.17.1\r\nUpgrade: WebSocket\r\nConnection:
Upgrade\r\nSec-WebSocket-Accept:
9+mE2HjR58djdFt7E0WxNbqemsM=\r\n\r\n\x81\x10{"accept": true}



However according to Firefox, Safari & Chrome those headers aren't there:
"Error during WebSocket handshake: 'Upgrade' header is missing"

I'm looking forward to getting to the bottom of this





2017-01-10 17:57 GMT-03:00 Marco Pizzoli <ma...@gmail.com>:

> Hi all,
> I am reverse proxying a backend which returns a http code 401.
> I see Apache is stripping out all the http headers returned by the backend
> along with the 401 and this is causing trouble to the client application.
>
> Is there a way to get the original http headers to the client?
>
> I can't find any documentation about this. Not even a reference to the
> fact Apache is re-writing the answer, but I checked myself and now I am
> sure of this behaviour....
>
> Apache currently used for this setup is 2.2. Migration to 2.4 is planned
> in the coming motnhs.
>
> Thank you in advance for your help
> Marco
>