On Mon, Dec 24, 2012 at 9:17 AM, Willy Tarreau <[email protected]> wrote:
> On Mon, Dec 24, 2012 at 08:17:13AM +0100, Willy Tarreau wrote:
>> On Mon, Dec 24, 2012 at 02:50:38PM +0800, ???????? wrote:
>> > dear haproxy,
>> > I have a question
>> > haproxy1.5.15 version of IE address bar to the back-end web transmission
>> > Chinese parameters . returns " The page can not be displayed . dns check
>> > " Firefox does not have this problem .
>> > Not have this problem but in haproxy1.4.18 Edition .
>> > I hope to be resolved in the new version instinct
>>
>> Could you please :
>> - post the configuration which reproduces this issue (without sensible
>> parts)
>> - provide an example of response that is blocked, or at least a URL which
>> returns the content that seem to be blocked
>> - try with "option accept-invalid-http-response"
>>
>> I suspect that your server returns non HTTP-compliant protocol which
>> is blocked, typically some non US-ASCII encoded header names.
>
> Just for the record, in case other people are reading about this issue,
> it was the usual MSIE bug which forgets to url-encode the data sent in the
> query string when following links that are provided by the application
> (forms are correctly encoded).
>
> Using "option '" fixes the issue here.
>
> Willy
>
>
Hi Willy,
This leads to one remark: either accept-invalid-http-request is
enabled or disabled...
Could it be enabled by default and disabled in some cases (chosen by
layer 7 ACL)?
ie:
option accept-invalid-http-request if { hdr_sub(User-Agent) MSIE }
If you see what I mean...
I guess you'll tell me this is not possible since the request check is
done before the l7 ACLs are available, so this would not be doable. :)
cheers
