You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Bryan Call (JIRA)" <ji...@apache.org> on 2016/08/16 20:43:20 UTC
[jira] [Updated] (TS-3172) Http/1.0 allowed even when only Http/1.1
configured as session protocol and vice-versa.
[ https://issues.apache.org/jira/browse/TS-3172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bryan Call updated TS-3172:
---------------------------
Assignee: (was: Sudheer Vinukonda)
> Http/1.0 allowed even when only Http/1.1 configured as session protocol and vice-versa.
> ---------------------------------------------------------------------------------------
>
> Key: TS-3172
> URL: https://issues.apache.org/jira/browse/TS-3172
> Project: Traffic Server
> Issue Type: Bug
> Components: HTTP
> Affects Versions: 5.1.0
> Reporter: Sudheer Vinukonda
> Fix For: sometime
>
>
> With the below configuration restricting http/1.0 for the TLS ports, I still see that http/1.0 requests are not rejected.
> {code}
> % sudo traffic_line -m . | grep server_ports
> proxy.config.http.server_ports 80:proto=http/1.1
> {code}
> {code}
> % curl -0 -v http://myproxy.com --o /dev/null
> * About to connect() to myproxy. port 80 (#0)
> * Trying xx.xx.xx.xxx... connected
> * Connected to myproxy.com (xx.xx.xx.xxx) port 80 (#0)
> > GET / HTTP/1.0
> > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> > Host: myproxy.com
> > Accept: */*
> >
> % Total % Received % Xferd Average Speed Time Time Time Current
> Dload Upload Total Spent Left Speed
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* HTTP 1.0, assume close after body
> < HTTP/1.0 404 Not Found
> < Content-Type: text/html
> < Content-Length: 345
> < Date: Wed, 05 Nov 2014 18:48:58 GMT
> < Server: ATS
> < Age: 0
> < Via: http/1.1 myproxy.com (ApacheTrafficServer/5.0.1)
> <
> { [data not shown]
> 115 345 115 345 0 0 42846 0 --:--:-- --:--:-- --:--:-- 69000* Closing connection #0
> {code}
> The above inconsistent behavior is true when http/1.0 alone is configured as well (http/1.1 requests are allowed).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)