id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 915 """Upgrade"" header should not be proxied over h2" Guillaume Rossolini "When proxying an HTTP/2-enabled webserver with nginx, nginx fetches resources using HTTP/1.1, which the backend server tries to upgrade to HTTP/2 by sending the ""Upgrade: h2"" header. In the default configuration, this header is then forwarded to the client, which is incorrect. In the case of nghttp, this is interpreted as an error: {{{ inflatehd: header emission: upgrade: h2 recv: proclen=10 recv: HTTP error: type=1, id=13, header upgrade: h2 [ 0.008] [INVALID; error=Invalid HTTP header field was received] recv HEADERS frame ; END_HEADERS (padlen=0) ; First response header recv: [IB_IGN_HEADER_BLOCK] }}} cf. https://github.com/curl/curl/issues/674 An example setup would be using httpd-2.4 as a backend. This is easily remedied with the following nginx proxy config: {{{ proxy_hide_header Upgrade; }}} But maybe the default behaviour could be improved?" enhancement new minor nginx-module 1.9.x Linux XYZ 3.2.0-4-amd64 #1 SMP Debian 3.2.57-3 x86_64 GNU/Linux "nginx version: nginx/1.9.12 built by gcc 4.7.2 (Debian 4.7.2-5) built with OpenSSL 1.0.2f 28 Jan 2016 TLS SNI support enabled configure arguments: --with-cc-opt=-I/usr/local/include --with-ld-opt=-L/usr/local/lib --with-cpu-opt=amd64 --sbin-path=/usr/local/sbin --with-http_ssl_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_gunzip_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_v2_module --add-module=/usr/local/src/ngx_brotli-557486 --conf-path=/etc/nginx/nginx.conf"