Opened 10 days ago

#1885 new defect

When nginx proxies to Tomcat, nginx sometimes changes the method (POST -> 01POST)

Reported by: jangys9510@… Owned by:
Priority: minor Milestone:
Component: nginx-module Version: 1.16.x
Keywords: Cc:
uname -a: Linux cvcweb001.caldf 2.6.32-754.15.3.el6.x86_64 #1 SMP Tue Jun 18 16:25:32 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.16.0 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --prefix=/home1/irteam/apps/nginx-1.16.0 --user=irteam --group=irteam --error-log-path=/home1/irteam/apps/nginx/logs/error.log --http-log-path=/home1/irteam/apps/nginx/logs/access.log --without-http_scgi_module --without-http_uwsgi_module --without-http_fastcgi_module --with-http_ssl_module --with-http_sub_module --with-http_dav_module --with-http_stub_status_module --add-module=../ngx_http_neoauth_module-1.0.12-x64

Description

Hello.
I have a problem where nginx returns a 501 error or 200 OK for the same requests.
They have the same URL, parameters and hosts.
But sometimes nginx returns a 501 error.
I use nginx 1.16.0 as the web server, Tomcat 7.0.54 and Java Spring.

I tried to figure out why it happens.
First, I looked at nginx and tomcat's access log.

example)
nginx access.log
10.33.xxx.xxx - [25/Oct/2019:16:21:19 +0900] "POST /ajax/test?ts=1571988079124 HTTP/1.1" [501] 1147 0.006 "https://test.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36"

tomcat access.log
127.0.0.1 - - [25/Oct/2019:16:21:19 +0900] "01POST /ajax/test?ts=1571988079124 HTTP/1.1" 501 1147 "https://test.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36"

As you can see, client requested POST but tomcat received 01POST.
So I tried to set proxy_method to request method like this.

nginx.conf
proxy_method $request_method;

But it doesn't work. Tomcat still receives strange methods (01POST, 01GET, 15GET, 7DPOST...).

Last, I looked at the tcpdump capture in Wireshark.
https://user-images.githubusercontent.com/23052219/68363562-a8e79100-016e-11ea-8d4a-d4f1ca9cd58b.png
Before Tomcat returns the 501 error, a continuation packet sends strange data.
https://user-images.githubusercontent.com/23052219/68363577-b7ce4380-016e-11ea-8837-eaa2abedeffb.png
There are reassembled TCP segments in the continuation packet.
There are two different frames in the reassembled TCP segments.
[Frame:67781, payload: 0-1 (2bytes)]
[Frame: 67833, payload:2-191 (190bytes)]
(Frame 67833 is the packet which returns 501 error)
First payload is "01" and second payload is "GET ~" (http header, body contents)
I think this is why nginx returns 501 error.

I looked at the tcpdump of other 501 responses and found out that it makes an invalid continuation packet because of a specific response. In the example, Frame 67781's response is the specific response (67783).
https://user-images.githubusercontent.com/23052219/68363606-d3394e80-016e-11ea-9ab8-6401060bb446.png

But still I don't know why it makes method weird. When I use apache, it doesn't return 501 error.

I will try to downgrade nginx 1.16.0 to nginx 1.15.9. I don't know if it can be fixed.

Please let me know how to fix it.

Thank you.
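The log comparison described in the ticket, as an added example that is not part of the original report or of nginx: it pairs front-end and upstream access-log entries by timestamp and URI and flags upstream entries whose method has stray leading bytes. The function names, the known-method list and the sample lines are assumptions constructed from the two log formats quoted above.

```python
import re

# Matches: [timestamp] "METHOD URI HTTP/x.y" status
# (the status may be bracketed, as in the nginx log format quoted in the ticket)
REQ = re.compile(r'\[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) HTTP/[\d.]+" \[?(?P<status>\d{3})')
KNOWN = ("GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "PATCH", "TRACE", "CONNECT")

def parse(line):
    m = REQ.search(line)
    return m.groupdict() if m else None

def split_method(token):
    """Split a logged method into (stray_prefix, method); method is None if unrecognised."""
    for name in KNOWN:
        if token.endswith(name):
            return token[:-len(name)], name
    return token, None

def find_corrupted(nginx_lines, tomcat_lines):
    """Return upstream entries whose method carries stray leading bytes, paired with
    the front-end entry that has the same timestamp and URI."""
    front = {(e["ts"], e["uri"]): e for e in map(parse, nginx_lines) if e}
    findings = []
    for e in filter(None, map(parse, tomcat_lines)):
        prefix, method = split_method(e["method"])
        if prefix:
            client = front.get((e["ts"], e["uri"]))
            findings.append({"ts": e["ts"], "uri": e["uri"], "prefix": prefix,
                             "upstream_method": method, "status": e["status"],
                             "client_method": client["method"] if client else None})
    return findings

# Constructed sample lines in the two log formats quoted in the ticket.
NGINX_LOG = [
    '10.33.xxx.xxx - [25/Oct/2019:16:21:18 +0900] "GET /ajax/list?ts=1571988078001 HTTP/1.1" [200] 532 0.004 "https://test.com" "Mozilla/5.0"',
    '10.33.xxx.xxx - [25/Oct/2019:16:21:19 +0900] "POST /ajax/test?ts=1571988079124 HTTP/1.1" [501] 1147 0.006 "https://test.com" "Mozilla/5.0"',
]
TOMCAT_LOG = [
    '127.0.0.1 - - [25/Oct/2019:16:21:18 +0900] "GET /ajax/list?ts=1571988078001 HTTP/1.1" 200 532 "https://test.com" "Mozilla/5.0"',
    '127.0.0.1 - - [25/Oct/2019:16:21:19 +0900] "01POST /ajax/test?ts=1571988079124 HTTP/1.1" 501 1147 "https://test.com" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_corrupted(NGINX_LOG, TOMCAT_LOG):
        print(finding)
```

A finding where `client_method` is clean and `prefix` is non-empty shows the extra bytes were introduced between the proxy and the upstream, not by the client.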
