Opened 11 years ago

Closed 11 years ago

#429 closed defect (invalid)

nginx eats response header

Reported by: openid.aliz.es/anonymous Owned by:
Priority: major Milestone:
Component: nginx-core Version:
Keywords: Cc:
uname -a: Linux localhost.localdomain 3.7.10-1.16-desktop #1 SMP PREEMPT Fri May 31 20:21:23 UTC 2013 (97c14ba) x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.5.6
built by gcc 4.7.2 20130108 [gcc-4_7-branch revision 195012] (SUSE Linux)
TLS SNI support enabled
configure arguments: --prefix=/tmp/nginx --with-rtsig_module --with-select_module --with-poll_module --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-http_perl_module --with-mail --with-mail_ssl_module --with-cpp_test_module --with-pcre --with-pcre-jit --with-md5-asm --with-sha1-asm --with-debug

Description

/tmp/app.psgi

require Plack::Handler::FCGI;
my $app = sub {
    return [
        200,
        ['Transfer-Encoding' => 'gzip'],
        [
            "\x1f\x8b\x08\x00\x42\xb5\x6e\x52\x00\x03\x0d\x8e\xc9\x11\xc0".
            "\x40\x0c\x83\x5a\x5a\x5d\xb6\xdc\x7f\x63\xc9\x9f\x01\x40\x39".
            "\xb3\x3d\x3c\x00\x84\x60\x04\x83\x45\x71\x7c\x04\x49\xd1\x0c".
            "\x87\xcb\xf2\xf4\x04\x51\x92\x15\x8d\x56\xd5\xf9\x19\xa6\x65".
            "\x3b\x1e\xaf\xeb\xcb\x0b\xc2\x28\x4e\x32\xd9\x34\x37\x6f\x30".
            "\x1c\x8d\x27\x33\xb3\xd3\xb9\x7d\x8b\xe5\x6a\xbd\xd9\xd9\xdd".
            "\xee\xf5\x15\x65\x55\x37\x9d\x6e\xdb\xbb\x77\xff\xd0\xfd\xb1".
            "\xfb\x45\xf7\x43\xf7\x3f\xbf\x0f\x91\x17\x68\x2e\xc0\x00\x00\x00"
        ]
    ];
};

to reproduce:

$ plackup -s FCGI --listen /tmp/test.sock --nproc 1 /tmp/app.psgi
$ nginx   # 1.5.6 configured to run that fcgi app, port 80

        $ diff -U1 nginx.conf.default nginx.conf
        --- nginx.conf.default  2013-10-28 14:25:46.225702993 +0100
        +++ nginx.conf  2013-10-29 10:42:56.052182114 +0100
        @@ -43,4 +43,5 @@
                location / {
        -            root   html;
        -            index  index.html index.htm;
        +                include /tmp/nginx/conf/fastcgi_params;
        +                fastcgi_pass  unix:/tmp/test.sock;
        +                fastcgi_param  SCRIPT_NAME '/tmp/app.psgi';
                }

$ curl -H 'TE: gzip' http://localhost

wireshark dump

GET / HTTP/1.1
User-Agent: curl/7.30.0
Host: localhost
Accept: */*
TE: gzip

HTTP/1.1 200 OK
Server: nginx/1.5.6
Date: Tue, 29 Oct 2013 09:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive

79
....B.nR......@..ZZ]...c...@9.=<..`..Eq|.I.......Q...V....e;......(N2.47o0..'3...}..j.......eU7.n..w.....E.C.?....h.....
0

expected to get response header

Transfer-Encoding: gzip, chunked

really got response header

Transfer-Encoding: chunked

Change History (1)

comment:1 by Maxim Dounin, 11 years ago

Resolution: invalid
Status: newclosed

You should not (or rather "MUST NOT", following the specs) use Transfer-Encoding in your FastCGI script output. The CGI specification, which is used by FastCGI as a basis, says (http://tools.ietf.org/html/rfc3875#section-6.3.4):

   The script MUST NOT return any header fields that relate to
   client-side communication issues and could affect the server's
   ability to send the response to the client.  The server MAY remove
   any such header fields returned by the client.  It SHOULD resolve any
   conflicts between header fields returned by the script and header
   fields that it would otherwise send itself.

And what nginx does is in line with the specification - it removes headers which may affect it's communication with the client, Transfer-Encoding in this case.

Note: See TracTickets for help on using tickets.