Opened 5 weeks ago

Closed 5 weeks ago

#2245 closed defect (invalid)

HTTP/1 Connection closed instead of keep-alive with gzip on and chunked_transfer_encoding off

Reported by: andreas689@… Owned by:
Priority: major Milestone:
Component: nginx-core Version: 1.2.x
Keywords: Cc:
uname -a: Linux 05b45e074261 5.10.47-linuxkit #1 SMP Sat Jul 3 21:51:47 UTC 2021 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.21.3
built by gcc 8.3.0 (Debian 8.3.0-6)
built with OpenSSL 1.1.1d 10 Sep 2019
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-1.21.3/debian/debuild-base/nginx-1.21.3=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'

Description

Hello, I found out keep-alive to clients is not working with enabled gzip and disabled chunked_transfer_encoding. I reconstructed issue with current https://hub.docker.com/_/nginx from dockerhub. In our environment are gzip enabled and chunked_transfer_encoding disabled.

    gzip on;
    chunked_transfer_encoding off;

Without compression, I get valid Connection: keep-alive but as soon as I request gzip-encoding, I get in my humble opinion invalid Connection: close as you may find below. I would here also expect Connection: keep-alive.

Could you please give me support?
Thanks
Andreas

curl -v 'http://localhost'

> GET / HTTP/1.1
> Host: localhost
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.21.3
< Date: Wed, 15 Sep 2021 14:42:48 GMT
< Content-Type: text/html
< Content-Length: 615
< Last-Modified: Tue, 07 Sep 2021 15:21:03 GMT
< Connection: keep-alive
< ETag: "6137835f-267"
< Accept-Ranges: bytes
<
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
* Connection #0 to host localhost left intact

curl -v 'http://localhost' -H "Accept-Encoding: gzip, deflate, br" -o /dev/null

> GET / HTTP/1.1
> Host: localhost
> User-Agent: curl/7.64.0
> Accept: */*
> Accept-Encoding: gzip, deflate, br
>
< HTTP/1.1 200 OK
< Server: nginx/1.21.3
< Date: Wed, 15 Sep 2021 14:44:48 GMT
< Content-Type: text/html
< Last-Modified: Tue, 07 Sep 2021 15:21:03 GMT
< Connection: close
< ETag: W/"6137835f-267"
< Content-Encoding: gzip
<
{ [397 bytes data]
100   397    0   397    0     0  99250      0 --:--:-- --:--:-- --:--:-- 99250
* Closing connection 0

nginx.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip on;
    chunked_transfer_encoding off;

    include /etc/nginx/conf.d/*.conf;
}

conf.d/default.conf

server {
    listen       80;
    listen  [::]:80;
    server_name  localhost;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Change History (1)

comment:1 by Maxim Dounin, 5 weeks ago

Resolution: invalid
Status: newclosed

With chunked transfer encoding disabled it is not possible to keep connections alive unless the content length is known, and content length is not known in advance if gzip is used (as well as with other in-flight response modifications, such as SSI or substitutions).

Unless you have very specific reasons to disable chunked transfer encoding, such as self-written broken clients you have to support, consider enabling chunked transfer encoding as it is by default. Note that chunked transfer encoding support is mandatory in HTTP/1.1, and you should not disable it except as a workaround for broken clients. No widespread clients are known to require disabling chunked transfer encoding.

If you have further questions about nginx, consider using the mailing list.

Note: See TracTickets for help on using tickets.