Opened 10 days ago

#1885 new defect

when nginx proxy to tomcat, sometimes nginx changes method(POST -> 01POST)

Reported by: jangys9510@… Owned by:
Priority: minor Milestone:
Component: nginx-module Version: 1.16.x
Keywords: Cc:
uname -a: Linux cvcweb001.caldf 2.6.32-754.15.3.el6.x86_64 #1 SMP Tue Jun 18 16:25:32 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.16.0 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-18) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --prefix=/home1/irteam/apps/nginx-1.16.0 --user=irteam --group=irteam --error-log-path=/home1/irteam/apps/nginx/logs/error.log --http-log-path=/home1/irteam/apps/nginx/logs/access.log --without-http_scgi_module --without-http_uwsgi_module --without-http_fastcgi_module --with-http_ssl_module --with-http_sub_module --with-http_dav_module --with-http_stub_status_module --add-module=../ngx_http_neoauth_module-1.0.12-x64


I have a problem that nginx returns 501 error or 200 OK for same requests.
They are same url, parameters and hosts.
But sometimes nginx returns 501 error.
I use nginx 1.16.0 as the web server, tomcat 7.0.54 and java spring.

I tried to figure out why it happens.
First, I looked at nginx and tomcat's access log.

nginx access.log - [25/Oct/2019:16:21:19 +0900] "POST /ajax/test?ts=1571988079124 HTTP/1.1" [501] 1147 0.006 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit?/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36"

tomcat access.log - - [25/Oct/2019:16:21:19 +0900] "01POST /ajax/test?ts=1571988079124 HTTP/1.1" 501 1147 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit?/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36"

As you can see, client requested POST but tomcat received 01POST.
So I tried to set proxy_method to request method like this.

proxy_method $request_method;

But it doesn't work. Tomcat still receives strange method. (01POST, 01GET, 15GET, 7DPOST..)

Last, I looked at tcpdump by the wireshark.
Before tomcat returns 501 error, Continuation packet sends strange data.
There are Reassembled TCP segments in the continuation packet.
There are two different frame in treassembled TCP segments.
[Frame:67781, payload: 0-1 (2bytes)]
[Frame: 67833, payload:2-191 (190bytes)]
(Frame 67833 is the packet which returns 501 error)
First payload is "01" and second payload is "GET ~" (http header, body contents)
I think this is why nginx returns 501 error.

I looked tcpdump of other 501 responses, I found out it makes invalid continuation packet because of specific response. According to the example,Frame 67781's response is the specific response.(67783)

But still I don't know why it makes method weird. When I use apache, it doesn't return 501 error.

I will try to downgrade nginx 1.16.0 to nginx 1.15.9. I don't know if it can be fixed.

Please let me know how to fix it.

Thank you.

Change History (0)

Note: See TracTickets for help on using tickets.