400 Bad Request Client sent invalid request while reading client request line

[Chun Qhai]

This is error.log from nginx. I setup nginx with rtmp server. And using record command to record and stored in my specific directory. And I want to access straight direct the video file in web browser. I got 400 Bad Request.

2015/02/06 17:14:40 [info] 2789#0: *1 client sent invalid request while reading client request line, client: XX.XXX.XX.XX, server: localhost, request: "GET /vod/YwlMkR5RQHLJL23ifhkKDXxSSrYE5CoFqfwj7y-2015-02-06%H59.flv HTTP/1.1"
2015/02/06 17:14:50 [info] 2789#0: *3 client closed connection while waiting for request, client: XX.XXX.X.XX, server: 0.0.0.0:80
2015/02/06 17:14:50 [info] 2789#0: *2 client closed connection while waiting for request, client: XX.XXX.X.XX, server: 0.0.0.0:80

My /usr/local/nginx/conf/nginx.conf

#user  nobody;
worker_processes  1;

error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

 pid  logs/nginx.pid;


events {
    worker_connections  1024;
}

http {
    ignore_invalid_headers off;
     #proxy_buffering off;
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    server {
        listen       80;
        server_name  localhost;
        ignore_invalid_headers off;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        error_log    /var/log/nginx/error.log debug;
       error_log logs/error.log debug;

        location / {
            root   html;
            index  index.html index.htm;
        }

        location /vod {
            alias /var/rec;
        }
rtmp {
        server {
                listen 1935;
                chunk_size 4096;
                notify_method get;
                allow publish my_ip;
                deny publish all;

                allow play my_ip;
                deny play all;

                application  live{
                        live on;
                        record all;
                        record_path /var/rec;
                }
                
                application live2 {
                        live on;
                        record all manual;
                        record_suffix -%Y-%m-%d%-%H%M.flv;
                        record_path /var/rec;
                }

                application vod {
                        #play /var/rec;
                        play http://54.169.145.234/vod/;
                }

               location /control {
          #  add_header Access-Control-Allow-Headers Origin,X-Requested-With,Content-Type,Accept;   
          #  add_header Access-Control-Allow-Origin *;
             rtmp_control all;
        }
        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }



        }
}

[Maxim Dounin]

The request in question is invalid, as it contains invalid escape sequence "%H5" in the request line. Quoting ​RFC3986:

Because the percent ("%") character serves as the indicator for
percent-encoded octets, it must be percent-encoded as "%25" for that
octet to be used as data within a URI.

The "%" character have to be encoded to "%25" in this request.