https://issues.apache.org/bugzilla/show_bug.cgi?id=53281

--- Comment #14 from Konstantin Preißer <kpreis...@apache.org> ---
(In reply to saurabh from comment #12)
> Created attachment 30912 [details]
> HTTP 0.9 response from the server
> 
> I tried the identical steps that have been provided and the browser receives
> garbage value with HTTP/0.9 response. I've attached the Live HTTP headers
> capture of the same.

Just because some browser add-on reports an "HTTP/0.9 200 OK" response, it
doesn't necessarily mean that this is what Tomcat is actually sending
(otherwise you should have seen that response when you are connecting with
telnet).

My guess would be that the add-on (or even the browser) is trying to interpret
SSL bytes as a plain HTTP response, and because it fails, displays some
"HTTP/0.9" response.

I verified this by setting up Tomcat 6.0.37 with an SSL connector using JSSE,
and downloading the Live HTTP headers add-on for Firefox. I used a tool to
intercept the TCP connections and record the exact data packets that were sent.

I then opened the URL "http://localhost:8443/" with Firefox. This is what was
sent from Firefox to Tomcat (309 bytes):

47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A   GET / HTTP/1.1..
48 6F 73 74 3A 20 6C 6F 63 61 6C 68 6F 73 74 3A   Host: localhost:
38 34 34 33 0D 0A 55 73 65 72 2D 41 67 65 6E 74   8443..User-Agent
3A 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30 20 28 57   : Mozilla/5.0 (W
69 6E 64 6F 77 73 20 4E 54 20 36 2E 33 3B 20 57   indows NT 6.3; W
4F 57 36 34 3B 20 72 76 3A 32 34 2E 30 29 20 47   OW64; rv:24.0) G
65 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69   ecko/20100101 Fi
72 65 66 6F 78 2F 32 34 2E 30 0D 0A 41 63 63 65   refox/24.0..Acce
70 74 3A 20 74 65 78 74 2F 68 74 6D 6C 2C 61 70   pt: text/html,ap
70 6C 69 63 61 74 69 6F 6E 2F 78 68 74 6D 6C 2B   plication/xhtml+
78 6D 6C 2C 61 70 70 6C 69 63 61 74 69 6F 6E 2F   xml,application/
78 6D 6C 3B 71 3D 30 2E 39 2C 2A 2F 2A 3B 71 3D   xml;q=0.9,*/*;q=
30 2E 38 0D 0A 41 63 63 65 70 74 2D 4C 61 6E 67   0.8..Accept-Lang
75 61 67 65 3A 20 64 65 2D 64 65 2C 64 65 3B 71   uage: de-de,de;q
3D 30 2E 38 2C 65 6E 2D 75 73 3B 71 3D 30 2E 35   =0.8,en-us;q=0.5
2C 65 6E 3B 71 3D 30 2E 33 0D 0A 41 63 63 65 70   ,en;q=0.3..Accep
74 2D 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70   t-Encoding: gzip
2C 20 64 65 66 6C 61 74 65 0D 0A 43 6F 6E 6E 65   , deflate..Conne
63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 6C 69 76   ction: keep-aliv
65 0D 0A 0D 0A                                    e....


This is what Tomcat responded (7 bytes):
15 03 01 00 02 02 0A                              .......
(Connection closed)


This is what Live HTTP headers reported:

http://localhost:8443/

GET / HTTP/1.1
Host: localhost:8443
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/0.9 200 OK
----------------------------------------------------------


As you can see, Tomcat didn't return anything like "HTTP/0.9 200 OK" plain
text in its SSL response, although Live HTTP Headers reports this. Instead it
sends some SSL reply (though I have not examined what kind of reply it
is), since actually you are sending some garbage to an SSL connector here.

Whether Tomcat could be enhanced to recognize an erroneously sent plain HTTP
request to an HTTPS/SSL connector (like HTTPD does) is another question.
