https://issues.apache.org/bugzilla/show_bug.cgi?id=57198
Bug ID: 57198
Summary: mod_proxy_fcgi wrong behavior with 304
Product: Apache httpd-2
Version: 2.4.10
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_proxy_fcgi
Assignee: [email protected]
Reporter: [email protected]
The patch r1331416 introduced a serious bug:
In the case described in bug 52879 (a PHP script run as fastcgi through php-fpm
and mod_proxy_fcgi which returns a Last-Modified header with no Status header),
httpd (after fix r1331416) does indeed now return a 304 status (if a matching
If-not-modified header is in the request) BUT the content of the php script is
also sent.
This breaks the http protocol as described in rfc2616 section 10.3.5: "The 304
response MUST NOT contain a message-body, and thus is always terminated by the
first empty line after the header fields."
This invalid behavior cause a serious problem when processed by a reverse proxy
placed in front of the backends. When the proxy receives this invalid 304
response (containing a body), it immediately sends a 304 to the client and
ignores the rest of the packet; but the next packets sent by the backend stay
in the tcp stack (the proxy does not expect further content). The reverse proxy
prepends these packets in the response to the next request routed to the same
backend. This, of course, seriouly breaks our applications...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
