Hi,
could anyone explain what is wrong with following HTTP-request? Nginx (btw)
is working fine.
------------------
[22/Dec/2014:16:33:11.765] frontend https_frontend_ssl_terminate (#3):
invalid request
backend <NONE> (#-1), server <NONE> (#-1), event #7
src <example1>:49803, session #24184, session flags 0x00000080
HTTP msg state 27, msg flags 0x00000000, tx flags 0x00000000
HTTP chunk len 0 bytes, HTTP body len 0 bytes
buffer flags 0x00808002, out 0 bytes, total 511 bytes
pending 511 bytes, wrapping at 65535, error at position 60:
00000 GET
/a/sbp/3064/ru_RU/e1cib/userSettings?cmd=load&objectKey=\xCE\xE1
00062+
\xF9\xE5\xE5/\xC8\xF1\xF2\xEE\xF0\xE8\xFF\xCF\xEE\xE8\xF1\xEA\xE0\xD2
00080+
\xE0\xE1\xEB\xE8\xF6\xFB/\xCE\xE1\xF9\xE0\xFF\xD4\xEE\xF0\xEC\xE0.\xD0
00099+
\xE0\xE1\xEE\xF7\xE8\xE9\xD1\xF2\xEE\xEB.\xD1\xEF\xE8\xF1\xEE\xEA\xC7
00117+ \xE0\xE4\xE0\xF7 HTTP/1.1\r\n
00132 Accept: application/json\r\n
00158 Content-Type: application/json; charset=utf-8\r\n
00205 Referer: https://<example2>/a/sbp/3064/ru_RU/\r\n
00252 Accept-Language: ru-RU\r\n
00276 Accept-Encoding: gzip, deflate\r\n
00308 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0;
rv:11.0)
00378+ like Gecko\r\n
00390 Host: <example2>\r\n
00408 DNT: 1\r\n
00416 Connection: Keep-Alive\r\n
00440 Cookie: vrs_rc=47;
vrs_session=db3e3ed8-b802-4bf7-b11d-bc838cc62776\r
00508+ \n
00509 \r\n
------------------
I have dozens of such requests actually.
In haproxy.cfg I have options "accept-invalid-http-request",
"accept-invalid-http-response" and use "mode http" for logging purposes:
-----
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
stats socket /var/run/haproxy.sock level admin
maxconn 4096
chroot /usr/share/haproxy
uid 99
gid 99
daemon
tune.ssl.default-dh-param 2048
tune.bufsize 65535
tune.maxrewrite 1024
defaults
log global
mode http
option httplog
option dontlognull
option redispatch
option tcp-smart-accept
option tcp-smart-connect
retries 3
maxconn 2000
timeout connect 5000
timeout check 3000
timeout client 50000
timeout server 50000
timeout http-request 20s
errorfile 503 /etc/haproxy/err/503err.http
frontend http_frontend *:80
mode http
redirect scheme https code 301 if !{ ssl_fc }
frontend https_frontend_ssl_terminate
bind *:443 ssl crt /etc/haproxy/ssl/cert_bundle_w_pkey.pem ciphers
AES256+EECDH:AES256+EDH:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
compression algo gzip
compression type text/html text/plain text/javascript
application/javascript application/xml text/css
option httplog
option accept-invalid-http-request
mode http
use_backend errloc_server if { url_beg /error-static/ }
default_backend web_server
backend web_server
mode http
balance roundrobin
option accept-invalid-http-response
server s1 <ip1>:443 check port 80 inter 2000 fall 3 rise 2 ssl
verify none
server s2 <ip2>:443 check port 80 inter 2000 fall 3 rise 2 ssl
verify none backup
backend errloc_server
mode http
server localnginx 127.0.0.1:8080 check
-----
--
Best regards, Juriy Strashnov
Please consider the environment before printing this email.
