motongxue commented on issue #10927: URL: https://github.com/apache/apisix/issues/10927#issuecomment-1987931966
> I have found the cause of this bug. I will fix this later. > > ### Case 1: > * request contains payload > * original request method: GET > * fw auth request method: GET > > In this case, APISIX [unconditionally adds](https://github.com/apache/apisix/pull/10589/files#diff-4b85e7666119852676bcd1c5fd15889e752f061a9ae891e10a0cbbefd30c2e0dR92) the `Content-Length` header to the request to be sent to `fw-auth.uri` but the request body (to `fw-auth.uri`) is empty. This causes the `fw-auth` server to wait endlessly to read the content. > > #### Solution: > * add content-length header only if the `fw-auth.request_method` is POST. > > ### Case 2: > * request contains payload > * original request method: POST > * fw auth request method: POST > > In this case, APISIX [passes](https://github.com/apache/apisix/pull/10589/files#diff-4b85e7666119852676bcd1c5fd15889e752f061a9ae891e10a0cbbefd30c2e0dR115) `client-body-reader` by default. (this was added to support passing large request body to fw-auth). `client-body-reader` reads the request body and makes it empty. But since the `content-length` is non zero the upstream server again waits endlessly to read the request body which is no longer available. > > #### Solution: > 1. Use the `client-body-reader` only if the request body is too large. (How much is too large is unknown) > 2. If using `client-body-reader` store the `req-body` in a var before sending the request to `fw-auth` server. After request from `fw-auth` is successful, restore the request body. Hello abhishek. I have submitted a https://github.com/apache/apisix/pull/11023 regarding your issue, and I hope it can be of help to you. At the same time, I would greatly appreciate your assistance in reviewing and finalizing the test cases. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
