Hi, we are using pound 2.5.0 with several apache 2.2.9 backends. We recently began to notice '400 Bad Request' errors.
We nailed it down to apache receiving a malformed header by pound with a CR missing after the Cookie-Header if it crosses some magical length-limit. What happens then is that apache sees the Host-Header as part of the Cookie-Header (because of missing newline). The browser then just gets a '400 Bad Request'. When we delete 10-20 chars from the cookie, the problem goes away.

This report seems to be the same or a related issue but never got answered:
http://www.apsis.ch/pound/pound_list/archive/2011/2011-06/1308799258000#1308799258000

These two header dumps show the correct and the wrong behaviour:

correct:

POST /ajax-fast.php/keepalive/ HTTP/1.1.
Connection: keep-alive.
Content-Length: 37.
Origin: https://secure.dev.example.local.
X-Requested-With: XMLHttpRequest.
X-Sipgate-JSON: true.
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1171.0 Safari/537.1.
Content-type: application/x-www-form-urlencoded; charset=UTF-8.
Accept: text/javascript, text/html, application/xml, text/xml, */*.
Referer: https://secure.dev.example.local/foo.
Accept-Encoding: gzip,deflate,sdch.
Accept-Language: en-US,en;q=0.8.
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3.
Cookie: __utmx=23419009 [ Cookie-Header shortened ] enListPage%22%3A0%7D.
host: secure.dev.example.local.
X-SSL-cipher: DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1.

wrong:

HEAD / HTTP/1.1.
Connection: keep-alive.
Cache-Control: max-age=0.
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1171.0 Safari/537.1.
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8.
Accept-Encoding: gzip,deflate,sdch.
Accept-Language: en-US,en;q=0.8.
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3.
Cookie: __utmx=234190091.000154718116 [ Cookie-Header shortened ] 22%5D%7D; siptrack=notrack.host: secure.dev.example.local.
X-SSL-cipher: DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1.
Any input on this would be appreciated.

Thanks,
Frank
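Added example, not part of the original post and not pound or apache code: a check that can be run over raw request bytes captured between proxy and backend to find header lines not terminated by CRLF, plus a CRLF-only parse showing the Host header folded into the Cookie value as described above. The function names are hypothetical, the sample bytes are constructed from the header names in the dumps, and it is an assumption that a lone LF remains where the CR went missing.

```python
# Constructed sample: header names from the post, cookie value shortened.
GOOD = (b"HEAD / HTTP/1.1\r\n"
        b"Connection: keep-alive\r\n"
        b"Cookie: __utmx=1; siptrack=notrack\r\n"
        b"host: secure.dev.example.local\r\n"
        b"X-SSL-cipher: DHE-RSA-AES256-SHA\r\n\r\n")
# Assumption: the CR is dropped and a lone LF remains after the Cookie line.
BAD = GOOD.replace(b"notrack\r\n", b"notrack\n")

def header_block(raw):
    """Bytes up to and including the last header line's CRLF."""
    end = raw.find(b"\r\n\r\n")
    return raw if end == -1 else raw[:end + 2]

def find_bad_terminators(raw):
    """Return (offset, kind, header_name) for every CR or LF not part of a CRLF."""
    head, findings, i = header_block(raw), [], 0
    while i < len(head):
        if head[i:i + 2] == b"\r\n":
            i += 2
            continue
        if head[i] in (0x0D, 0x0A):
            prev = head.rfind(b"\r\n", 0, i)
            start = 0 if prev < 0 else prev + 2
            name = head[start:i].split(b":", 1)[0].decode("latin-1")
            findings.append((i, "bare CR" if head[i] == 0x0D else "bare LF", name))
        i += 1
    return findings

def strict_headers(raw):
    """Model of a CRLF-only parser: split lines on CRLF, nothing else."""
    out = {}
    for line in header_block(raw).split(b"\r\n")[1:]:  # [1:] skips the request line
        if b":" in line:
            name, value = line.split(b":", 1)
            out[name.strip().lower().decode("latin-1")] = value.strip()
    return out

if __name__ == "__main__":
    for label, raw in (("good", GOOD), ("bad", BAD)):
        print(label, find_bad_terminators(raw), sorted(strict_headers(raw)))
```

Feeding it the bytes of a failing request from a packet capture on the backend side reports which header carries the broken terminator and at what offset.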
