Opened 12 years ago
Closed 11 years ago
#337 closed defect (invalid)
Opera sends an invalid "Content-Length" header over SPDY in some cases
Reported by: | Greg Macsok | Owned by: | Valentin V. Bartenev |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | nginx-module | Version: | 1.3.x |
Keywords: | Cc: | ||
uname -a: | Linux www3 3.8.5-gentoo #1 SMP Thu Apr 4 04:14:38 PDT 2013 x86_64 Intel(R) Xeon(R) CPU L5640 @ 2.27GHz GenuineIntel GNU/Linux | ||
nginx -V: |
nginx version: nginx/1.3.16
TLS SNI support enabled
configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error_log --pid-path=/run/nginx.pid --lock-path=/var/lock/nginx.lock --with-cc-opt=-I/usr/include --with-ld-opt=-L/usr/lib --http-log-path=/var/log/nginx/access_log --http-client-body-temp-path=/var/tmp/nginx/client --http-proxy-temp-path=/var/tmp/nginx/proxy --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi --http-scgi-temp-path=/var/tmp/nginx/scgi --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --with-ipv6 --with-pcre --without-http_auth_basic_module --without-http_autoindex_module --without-http_empty_gif_module --without-http_geo_module --without-http_limit_req_module --without-http_limit_conn_module --without-http_map_module --without-http_proxy_module --without-http_referer_module --without-http_scgi_module --without-http_split_clients_module --without-http_upstream_ip_hash_module --without-http_uwsgi_module --with-http_mp4_module --with-http_spdy_module --with-http_stub_status_module --with-http_realip_module --add-module=/var/tmp/portage/www-servers/nginx-1.3.16/work/headers-more-nginx-module-0.19 --with-http_ssl_module --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module --user=nginx --group=nginx |
Description
For some reason, Nginx returns a 400 Bad Request when an Opera user attempts to POST data over SPDY.
To reproduce:
Visit https://secure.indieroyale.com/cart
Click on Star
Click pay with PayPal
Enter Email
Click Purchase.
400 Bad Request is returned.
Error_log shows this:
2013/04/23 03:47:24 [info] 9490#0: *72100667 client sent invalid "Content-Length" header while processing SPDY, client: X.X.X.X, server: www.indieroyale.com, request: "POST /cart/confirm HTTP/1.1", host: "secure.indieroyale.com", referrer: "https://secure.indieroyale.com/cart"
Any ideas?
Attachments (1)
Change History (6)
comment:1 by , 12 years ago
comment:2 by , 12 years ago
Owner: | set to |
---|---|
Status: | new → assigned |
comment:3 by , 12 years ago
Priority: | critical → minor |
---|
comment:4 by , 12 years ago
Hi,
Are there any updates on this? Otherwise we will have to turn SPDY off completely as it is not working for anyone on Opera.
comment:5 by , 11 years ago
Resolution: | → invalid |
---|---|
Status: | assigned → closed |
Summary: | SPDY → Opera sends an invalid "Content-Length" header over SPDY in some cases |
It looks like you have stumbled over a bug in Opera. I cannot reproduce it in my local test environment using a simple POST form; it seems JS on your page is involved somehow, but I've investigated what happens on the wire with your site.
Here is a TLS connection dump of decrypted data using the MITM technique:
That is what Opera sends to the server over a newly established TLS connection right after the "Purchase" button has been pushed. It contains the SYN_STREAM SPDY frame with a block of compressed headers. If we extract and then decompress this block, we will see this:
00000000 00 0d 00 0a 75 73 65 72 2d 61 67 65 6e 74 00 3c |....user-agent.<|
00000010 4f 70 65 72 61 2f 39 2e 38 30 20 28 58 31 31 3b |Opera/9.80 (X11;|
00000020 20 4c 69 6e 75 78 20 78 38 36 5f 36 34 29 20 50 | Linux x86_64) P|
00000030 72 65 73 74 6f 2f 32 2e 31 32 2e 33 38 38 20 56 |resto/2.12.388 V|
00000040 65 72 73 69 6f 6e 2f 31 32 2e 31 35 00 04 68 6f |ersion/12.15..ho|
00000050 73 74 00 16 73 65 63 75 72 65 2e 69 6e 64 69 65 |st..secure.indie|
00000060 72 6f 79 61 6c 65 2e 63 6f 6d 00 06 61 63 63 65 |royale.com..acce|
00000070 70 74 00 81 74 65 78 74 2f 68 74 6d 6c 2c 20 61 |pt..text/html, a|
00000080 70 70 6c 69 63 61 74 69 6f 6e 2f 78 6d 6c 3b 71 |pplication/xml;q|
00000090 3d 30 2e 39 2c 20 61 70 70 6c 69 63 61 74 69 6f |=0.9, applicatio|
000000a0 6e 2f 78 68 74 6d 6c 2b 78 6d 6c 2c 20 69 6d 61 |n/xhtml+xml, ima|
000000b0 67 65 2f 70 6e 67 2c 20 69 6d 61 67 65 2f 77 65 |ge/png, image/we|
000000c0 62 70 2c 20 69 6d 61 67 65 2f 6a 70 65 67 2c 20 |bp, image/jpeg, |
000000d0 69 6d 61 67 65 2f 67 69 66 2c 20 69 6d 61 67 65 |image/gif, image|
000000e0 2f 78 2d 78 62 69 74 6d 61 70 2c 20 2a 2f 2a 3b |/x-xbitmap, */*;|
000000f0 71 3d 30 2e 31 00 0f 61 63 63 65 70 74 2d 6c 61 |q=0.1..accept-la|
00000100 6e 67 75 61 67 65 00 0e 65 6e 2d 55 53 2c 65 6e |nguage..en-US,en|
00000110 3b 71 3d 30 2e 39 00 0f 61 63 63 65 70 74 2d 65 |;q=0.9..accept-e|
00000120 6e 63 6f 64 69 6e 67 00 0d 67 7a 69 70 2c 20 64 |ncoding..gzip, d|
00000130 65 66 6c 61 74 65 00 07 72 65 66 65 72 65 72 00 |eflate..referer.|
00000140 2b 68 74 74 70 73 3a 2f 2f 73 65 63 75 72 65 2e |+https://secure.|
00000150 69 6e 64 69 65 72 6f 79 61 6c 65 2e 63 6f 6d 2f |indieroyale.com/|
00000160 63 61 72 74 2f 63 6f 6e 66 69 72 6d 00 06 63 6f |cart/confirm..co|
00000170 6f 6b 69 65 01 da 5f 5f 75 74 6d 61 3d 34 30 33 |okie..__utma=403|
00000180 37 39 34 32 34 2e 31 30 35 32 36 30 35 37 36 30 |79424.1052605760|
00000190 2e 31 33 36 39 30 31 38 37 39 33 2e 31 33 36 39 |.1369018793.1369|
000001a0 30 36 32 37 35 35 2e 31 33 36 39 30 36 35 33 35 |062755.136906535|
000001b0 37 2e 34 3b 20 5f 5f 75 74 6d 62 3d 34 30 33 37 |7.4; __utmb=4037|
000001c0 39 34 32 34 2e 38 2e 31 30 2e 31 33 36 39 30 36 |9424.8.10.136906|
000001d0 35 33 35 37 3b 20 5f 5f 75 74 6d 63 3d 34 30 33 |5357; __utmc=403|
000001e0 37 39 34 32 34 3b 20 5f 5f 75 74 6d 7a 3d 34 30 |79424; __utmz=40|
000001f0 33 37 39 34 32 34 2e 31 33 36 39 30 31 38 37 39 |379424.136901879|
00000200 33 2e 31 2e 31 2e 75 74 6d 63 73 72 3d 28 64 69 |3.1.1.utmcsr=(di|
00000210 72 65 63 74 29 7c 75 74 6d 63 63 6e 3d 28 64 69 |rect)|utmccn=(di|
00000220 72 65 63 74 29 7c 75 74 6d 63 6d 64 3d 28 6e 6f |rect)|utmcmd=(no|
00000230 6e 65 29 3b 20 64 75 6b 65 6e 75 6b 65 6d 3d 63 |ne); dukenukem=c|
00000240 66 39 65 66 35 62 31 30 66 36 65 63 30 38 65 32 |f9ef5b10f6ec08e2|
00000250 30 36 66 34 33 61 38 63 37 34 35 30 33 63 39 3b |06f43a8c74503c9;|
00000260 20 5f 5f 71 63 61 3d 50 30 2d 39 36 39 33 38 37 | __qca=P0-969387|
00000270 37 35 2d 31 33 36 39 30 31 38 37 39 32 38 36 31 |75-1369018792861|
00000280 3b 20 5f 5f 75 74 6d 61 3d 32 32 39 35 32 33 31 |; __utma=2295231|
00000290 34 30 2e 31 32 31 37 34 33 35 38 33 31 2e 31 33 |40.1217435831.13|
000002a0 36 39 30 36 35 36 38 30 2e 31 33 36 39 30 36 35 |69065680.1369065|
000002b0 36 38 30 2e 31 33 36 39 30 36 35 36 38 30 2e 31 |680.1369065680.1|
000002c0 3b 20 5f 5f 75 74 6d 63 3d 32 32 39 35 32 33 31 |; __utmc=2295231|
000002d0 34 30 3b 20 5f 5f 75 74 6d 7a 3d 32 32 39 35 32 |40; __utmz=22952|
000002e0 33 31 34 30 2e 31 33 36 39 30 36 35 36 38 30 2e |3140.1369065680.|
000002f0 31 2e 31 2e 75 74 6d 63 73 72 3d 28 64 69 72 65 |1.1.utmcsr=(dire|
00000300 63 74 29 7c 75 74 6d 63 63 6e 3d 28 64 69 72 65 |ct)|utmccn=(dire|
00000310 63 74 29 7c 75 74 6d 63 6d 64 3d 28 6e 6f 6e 65 |ct)|utmcmd=(none|
00000320 29 3b 20 6d 61 73 74 65 72 63 68 69 65 66 3d 65 |); masterchief=e|
00000330 65 33 32 34 30 63 64 36 32 64 64 39 61 61 34 34 |e3240cd62dd9aa44|
00000340 62 32 62 35 61 35 33 39 35 34 64 64 39 33 39 3b |b2b5a53954dd939;|
00000350 00 0e 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 |..content-length|
00000360 00 08 32 33 34 2c 20 32 33 34 00 0c 63 6f 6e 74 |..234, 234..cont|
00000370 65 6e 74 2d 74 79 70 65 00 21 61 70 70 6c 69 63 |ent-type.!applic|
00000380 61 74 69 6f 6e 2f 78 2d 77 77 77 2d 66 6f 72 6d |ation/x-www-form|
00000390 2d 75 72 6c 65 6e 63 6f 64 65 64 00 06 6d 65 74 |-urlencoded..met|
000003a0 68 6f 64 00 04 50 4f 53 54 00 06 73 63 68 65 6d |hod..POST..schem|
000003b0 65 00 05 68 74 74 70 73 00 07 76 65 72 73 69 6f |e..https..versio|
000003c0 6e 00 08 48 54 54 50 2f 31 2e 31 00 03 75 72 6c |n..HTTP/1.1..url|
000003d0 00 0d 2f 63 61 72 74 2f 63 6f 6e 66 69 72 6d |../cart/confirm|
000003df
You can see that it contains the content-length header with "234, 234" value. It is invalid and looks like two content-length headers have been concatenated in one.
You can also observe it simply by enabling nginx debug log, or by using Opera dragonfly:
I am closing the ticket since it is not related to nginx. You should report this issue to the Opera team.
Thought I'd confirm that Chrome, Firefox & IE work fine.
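Added example (not part of the ticket and not nginx code): a parser for a decompressed SPDY/2 name/value block, using the layout visible in the dump in comment:5 (a 2-byte pair count, then 2-byte length-prefixed names and values), followed by a strict Content-Length check that rejects a merged value such as "234, 234" instead of guessing which length was meant. The function names and the digits-only rule are this example's assumptions, and the sample blocks are constructed.

```python
import struct

def parse_spdy2_headers(block: bytes) -> dict:
    """Parse a decompressed SPDY/2 name/value block: uint16 pair count,
    then for each pair a uint16-length name and a uint16-length value."""
    off = 0

    def take(n: int) -> bytes:
        nonlocal off
        if off + n > len(block):
            raise ValueError("truncated header block")
        chunk = block[off:off + n]
        off += n
        return chunk

    (count,) = struct.unpack("!H", take(2))
    headers = {}
    for _ in range(count):
        (name_len,) = struct.unpack("!H", take(2))
        name = take(name_len).decode("latin-1")
        (value_len,) = struct.unpack("!H", take(2))
        value = take(value_len).decode("latin-1")
        if name in headers:
            raise ValueError(f"duplicate header name {name!r}")
        headers[name] = value
    return headers

def content_length(headers: dict):
    """Return the declared body length, or None if absent. Anything other
    than one run of ASCII digits is rejected, never split or de-duplicated."""
    value = headers.get("content-length")
    if value is None:
        return None
    if not (value.isascii() and value.isdigit()):
        raise ValueError(f'invalid "Content-Length" header: {value!r}')
    return int(value)

def build_block(pairs) -> bytes:
    """Encode (name, value) pairs in the same layout, for constructed samples."""
    out = struct.pack("!H", len(pairs))
    for name, value in pairs:
        for field in (name.encode(), value.encode()):
            out += struct.pack("!H", len(field)) + field
    return out

# Constructed samples that reuse header values quoted in the ticket.
COMMON = [("method", "POST"), ("url", "/cart/confirm")]
BAD = build_block([("content-length", "234, 234")] + COMMON)
GOOD = build_block([("content-length", "234")] + COMMON)
```

Rejecting the merged value outright keeps the server from ever acting on an ambiguous body length.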