[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Fixed in development release, targeting to lucid as well. ** Changed in: apache2 (Ubuntu) Status: In Progress = Fix Released ** Also affects: apache2 (Ubuntu Lucid) Importance: Undecided Status: New ** Changed in: apache2 (Ubuntu Lucid) Importance: Undecided = High -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Status of Impact: Lucid was shipped with a bug in apache that will have hundreds of client sent HTTP/1.1 request without a hostname. This has been fixed in apache 2.2.16 and have been backported to lucid. How to reproduce: 1. Install apache with mod_ssl. 2. Watch your logs fill up with the above. There should be no regressions with this patch. I have attached the debdiff for your review. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
** Patch added: apache.debdiff http://launchpadlibrarian.net/53182798/apache.debdiff ** Summary changed: - client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) + [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Yes it should not be marked as fixed. ** Changed in: apache2 (Ubuntu) Status: Fix Released = In Progress -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Just to chime in, this is affecting my 10.04 LTS nodes talking to my recently upgraded 10.04 LTS puppet master. Puppet sits behind Apache with mod_proxy_balancer and mod_ssl. I disabled reqtimeout and have yet to see this re-appear. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
2.2.16-1ubuntu1 is not in lucid -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
This bug was fixed in the package apache2 - 2.2.16-1ubuntu1 --- apache2 (2.2.16-1ubuntu1) maverick; urgency=low * Merge from debian unstable. Remaining changes: - debian/{control, rules}: Enable PIE hardening. - debian/{control, rules, apache2.2-common.ufw.profile}: Add ufw profiles. - debian/control: Add bzr tag and point it to our tree. - debian/apache2-2.common.apache2.init: Add graceful restart (LP: #456381) apache2 (2.2.16-1) unstable; urgency=medium * Urgency medium for security fix. * New upstream release: - CVE-2010-1452: mod_dav, mod_cache: Fix denial of service vulnerability due to incorrect handling of requests without a path segment. - mod_dir: add FallbackResource directive, to enable admin to specify an action to happen when a URL maps to no file, without resorting to ErrorDocument or mod_rewrite * Fix mod_ssl header line corruption because of using memcpy for overlapping buffers. PR 45444. LP: #609290, #589611, #595116 apache2 (2.2.15-6) unstable; urgency=low * Fix init script not correctly killing htcacheclean. Closes: #580971 * Add a separate entry in README.Debian about the need to use apache2ctl for starting instead of calling apache2 directly. Closes: #580445 * Fix debug info to allow gdb loading it automatically. Closes: #581514 * Fix install target in Makefile created by apxs2 -n. Closes: #588787 * Fix ab sending more requests than specified by the -n parameter. Closes: #541158 * Add apache2 monit configuration to apache2.2-commons examples dir. Closes: #583127 * Build as PIE, since gdb in squeeze now supports it. * Update the postrm script to also purge the version of /var/www/index.html introduced in 2.2.11-7. * Bump Standards-Version (no changes). -- Chuck Short zul...@ubuntu.com Mon, 26 Jul 2010 20:21:37 +0100 ** Changed in: apache2 (Ubuntu) Status: Confirmed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-1452 -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Looks like that apache/mod_ssl fix is only in the httpd trunk, doesnt seem like it's made it into the 2.2 branch even though the fix is 2 yrs old. What's the plan for putting into the Ubuntu's apache distro? -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
It's scheduled (apache) to backport this fix to 2.2.x branch http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?revision=979087view=markup Quick fix is to uninstall optimized libc library libc6-i686. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
I think Jiří found the source of the problem, but it is a mod_ssl bug after all. Reassigning to apache2. This would be https://issues.apache.org/bugzilla/show_bug.cgi?id=45444 ** Bug watch added: Apache Software Foundation Bugzilla #45444 http://issues.apache.org/bugzilla/show_bug.cgi?id=45444 ** Package changed: eglibc (Ubuntu) = apache2 (Ubuntu) -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Stefan Fritsch s...@sfritsch.de: But the bug disappears if I do mv /lib/i686 /lib/disabled_i686 I will try to reproduce this here There was a bug recently in Debian related to some gcc versions creating wrong code for SSE4. Maybe that is the problem here, too. What CPUs do you people have? Mine is a Core i7. # cat /proc/cpuinfo processor: 0 vendor_id: GenuineIntel cpu family: 6 model: 15 model name: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz stepping: 11 cpu MHz: 1600.056 cache size: 4096 KB fdiv_bug: no hlt_bug: no f00f_bug: no coma_bug: no fpu: yes fpu_exception: yes cpuid level: 10 wp: yes flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss nx lm constant_tsc arch_perfmon pebs bts tsc_reliable aperfmperf pni ssse3 cx16 hypervisor lahf_lm bogomips: 3200.11 clflush size: 64 cache_alignment: 64 address sizes: 40 bits physical, 48 bits virtual power management: Does moving /lib/i686 away (or deinstalling libc6-i686) help for you too? Does the flags line in /proc/cpuinfo on your machines contain sse4_1 or sse4_2? For reference, the Debian bug was http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=583858 I can tell you that the error does NOT occur with a 64bit Ubuntu! (we reinstalled a 64bit lucid from scratch and transferred the config: the error was gone!) The problematic 32bit machine is a vmware virtual machine. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Stefan Fritsch s...@sfritsch.de: This is a rather strange bug: - It happens if I enable exactly two out of the three modules deflate, reqtimeout, dump_io. But not with only one or all three of them. - I have also tried replacing mod_ssl.so, mod_deflate.so, and the openssl-libs with the versions from karmic and mod_ssl.so with the version from jaunty: no change But the bug disappears if I do mv /lib/i686 /lib/disabled_i686 Confirmed. I deinstalled libc6-i686 and the error is gone! There was a bug recently in Debian related to some gcc versions creating wrong code for SSE4. Maybe that is the problem here, too. My processor only has sse3 # cat /proc/cpuinfo |grep -i sse flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss nx lm constant_tsc arch_perfmon pebs bts tsc_reliable aperfmperf pni ssse3 cx16 hypervisor lahf_lm flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss nx lm constant_tsc arch_perfmon pebs bts tsc_reliable aperfmperf pni ssse3 cx16 hypervisor lahf_lm -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
mod_reqtimeout could be a reason, since it has been activated according to apt-listchanges: apache2 (2.2.15-1) unstable; urgency=low * This release adds and enables mod_reqtimeout, which limits the time Apache waits for a client to send a complete request. This helps to mitigate against certain denial of service attacks. In case of problems with slow clients, the timeout values can be adjusted in /etc/apache2/mods-available/reqtimeout.conf , or the module can be disabled with a2dismod reqtimeout. -- Chuck Short zul...@ubuntu.com Tue, 13 Apr 2010 09:09:34 -0400 I have now disabled it and will audit the server logs whether the error has gone. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Stefan Fritsch s...@sfritsch.de: I suspect this is the same issue as bug #595855 and #595116: Headers are getting truncated with https. So far, I have no idea about the reason. If you have mod_reqtimeout and/or mod_deflate enabled, you can try if disabling one or both of them makes any difference. disabling mod_deflate does indeed make it go away. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
This is a rather strange bug: - It happens if I enable exactly two out of the three modules deflate, reqtimeout, dump_io. But not with only one or all three of them. - I have also tried replacing mod_ssl.so, mod_deflate.so, and the openssl-libs with the versions from karmic and mod_ssl.so with the version from jaunty: no change But the bug disappears if I do mv /lib/i686 /lib/disabled_i686 There was a bug recently in Debian related to some gcc versions creating wrong code for SSE4. Maybe that is the problem here, too. What CPUs do you people have? Mine is a Core i7. Does moving /lib/i686 away (or deinstalling libc6-i686) help for you too? Does the flags line in /proc/cpuinfo on your machines contain sse4_1 or sse4_2? For reference, the Debian bug was http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=583858 ** Bug watch added: Debian Bug tracker #583858 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583858 -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Actually, I have reproduced bug #595116 and not this one, but I still think it's the same. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Any news on this subject? I'm experiencing the same issue since the upgrade on ubuntu 10.04. I have seen Bad Request-error pages in Safari 4 and 5 and in the error-log I get client sent HTTP/1.1 request without hostname errors for the corresponding requests. It is however not reproducible, after reloading the URLs where the Bad Request-error pages were shown usually the normal content displays. Sometimes several reload tries are necessary. Any ideas where further investigations could go? I have never set up any special BrowserMatch directives, neither before nor after the upgrade. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
I suspect this is the same issue as bug #595855 and #595116: Headers are getting truncated with https. So far, I have no idea about the reason. If you have mod_reqtimeout and/or mod_deflate enabled, you can try if disabling one or both of them makes any difference. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
It's definitely a client-side issue, however before your upgrade your Apache configuration would just accept those broken requests without error. In particular, IE6/7 are knows for broken HTTP/1.1 handling. I wonder what changes you applied to your Apache configuration. In particular, did you use to have BrowserMatch directives that you didn't carry through your upgrade ? ** Changed in: apache2 (Ubuntu) Importance: Undecided = Medium ** Changed in: apache2 (Ubuntu) Status: New = Incomplete -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Also could you trace the Browser(s) used on those failing requests, see if we have a pattern there ? -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Thierry Carrez thierry.car...@ubuntu.com: It's definitely a client-side issue, however before your upgrade your Apache configuration would just accept those broken requests without error. In particular, IE6/7 are knows for broken HTTP/1.1 handling. I wonder what changes you applied to your Apache configuration. In particular, did you use to have BrowserMatch directives that you didn't carry through your upgrade ? I have now enabled these: # Netscape 4.x has some problems... BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html which were disabled BEFORE the upgrade. It's quite odd. I could disable them now to see if the problem reappears. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Thierry Carrez thierry.car...@ubuntu.com: Also could you trace the Browser(s) used on those failing requests, see if we have a pattern there ? I have no access to the clients. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
You have no access to the client, but you can trace in the server logs the UserAgent field as sent by the clients. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Ralf, but the client sends the http request headers with an empty Hostname: header or did I miss something, if Hostname header is not set it's http/1.0 ... I wonder if it's a client problem Regards, \sh -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
* Before update: no occurences * After update: Thousands of occurences Hmm, and this with the same set of 18.000 users. I already checked if it's one special type of client, but that is not the case. I'm seeing this form IE, from Safari, from Windows, from Mac. It's a regression of some kind. This site is a SquirrelMail installation; it's HTTPS only. I already tried disabling suhosin and mod_deflate, to no avail. -- client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs