Re: POST + 500 + Response returns no content
> > > > >> E.g. "Transfer-Encoding: chunked" and "Content-Length" are mutually >> exclusive, cannot be used at the same time, cannot be used more than >> once. They should not be blindly copied. >> > > Good question on that, I can take a look. I remove Content-Length from > the downstream response but I'll also see if removing Transfer-Encoding > helps. > > > >> >> it looks like we have a winner! I added Transfer-Encoding to the list of downstream response headers to ignore and it looks like its working. Thanks
Re: POST + 500 + Response returns no content
> > > > Status 500 means that some error happened during processing. > > Is there anything in the logs? Exceptions? > > The 500 was generated by a downstream Tomcat 8.5.11 server, this one is just trying to proxy the message. > Maybe the browser closes the connection by its own decision, without > reading the response? (Thus a > org.apache.catalina.connector.ClientAbortException happens. I think it > may be logged as status 500). > > Usually you get an error on Tomcat when that happens > > If I see correctly, ProxyResponse copies the headers from somewhere > (from a proxied response?). > > Are those headers sane and correct? > > They're being proxied from the downstream server which is another tomcat. > E.g. "Transfer-Encoding: chunked" and "Content-Length" are mutually > exclusive, cannot be used at the same time, cannot be used more than > once. They should not be blindly copied. > Good question on that, I can take a look. I remove Content-Length from the downstream response but I'll also see if removing Transfer-Encoding helps. > > The status code is coped from somewhere. Does it have the expected value > (200)? > > In this case 500 is expected since input didn't pass validation. > Is the text in those headers (and status message) correct 7-bit > US-ASCII characters? > > > Can this be tested with a simple browser like Curl or Wget that can > log response headers? > Or a simple raw client (telnet, puTTY). > > i can see the headers in chrome and firefox. Nothing out of the ordinary. > > I do not see anything in changelog for 8.0.40-8.0.41 that could result > in such change in behaviour. Maybe configurations of the two systems > are different? > > No changes. I have a source2image process that builds the docker container https://github.com/TremoloSecurity/OpenUnisonS2IDocker so when a new version comes out i just up the version number to get it pulled. > Make sure that there are no duplicate jars in WEB-INF/lib. > Sometimes building a project pulls in several copies of the same > library, and the order of jars in WEB-INF/lib is random and depends on > version of Java. Thus you won't know what version wins. > > I don't think this is the issue since it happens ONLY on Post+500, not Post+200 > Do both systems use the same connector type (bio/nio/apr, ajp/http/https)? > > > both systems are using the same docker image base so exactly the same except for the webapp > Try running WireShark, to inspect network traffic? > https://www.wireshark.org/ encrypted so not good > > > Try running with a debugger? > https://wiki.apache.org/tomcat/FAQ/Developing#Debugging > > yes, i have verified that my code is sending the expected data to Tomcat, Tomcat is not doing anything with that data though. Thanks Marc
Re: POST + 500 + Response returns no content
> > > I'm working directly with the servlet api. Whats odd is it worked fine in > 8.0.39. The response is set first: > > > Also, I just verified the issue doesn't occur using undertow 1.3.25
Re: POST + 500 + Response returns no content
2017-03-12 15:32 GMT+03:00 Marc Boorshtein: > Mark & Olaf, > > I'm working directly with the servlet api. Whats odd is it worked fine in > 8.0.39. The response is set first: > > https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/filter/PostProcess.java > - lines 110-121 > > Then I set the cookies and the headers: > > https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ConfigSys.java > line 310 --> > https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ProxyResponse.java > line 205 > > Finally, I'm writing the actual content: > > https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ConfigSys.java > line 316 --> line 515 > > I setup traces and have verified that the codes are being set properly, the > response isn't committed until AFTER I write the content but for some > reason the data isn't going back to the browser (the headers aren't either > so its not just the content). The only thing thats sent back is the status > code. Status 500 means that some error happened during processing. Is there anything in the logs? Exceptions? Maybe the browser closes the connection by its own decision, without reading the response? (Thus a org.apache.catalina.connector.ClientAbortException happens. I think it may be logged as status 500). If I see correctly, ProxyResponse copies the headers from somewhere (from a proxied response?). Are those headers sane and correct? E.g. "Transfer-Encoding: chunked" and "Content-Length" are mutually exclusive, cannot be used at the same time, cannot be used more than once. They should not be blindly copied. The status code is coped from somewhere. Does it have the expected value (200)? Is the text in those headers (and status message) correct 7-bit US-ASCII characters? Can this be tested with a simple browser like Curl or Wget that can log response headers? Or a simple raw client (telnet, puTTY). I do not see anything in changelog for 8.0.40-8.0.41 that could result in such change in behaviour. Maybe configurations of the two systems are different? Make sure that there are no duplicate jars in WEB-INF/lib. Sometimes building a project pulls in several copies of the same library, and the order of jars in WEB-INF/lib is random and depends on version of Java. Thus you won't know what version wins. Do both systems use the same connector type (bio/nio/apr, ajp/http/https)? Try running WireShark, to inspect network traffic? https://www.wireshark.org/ Try running with a debugger? https://wiki.apache.org/tomcat/FAQ/Developing#Debugging Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: POST + 500 + Response returns no content
Mark & Olaf, I'm working directly with the servlet api. Whats odd is it worked fine in 8.0.39. The response is set first: https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/filter/PostProcess.java - lines 110-121 Then I set the cookies and the headers: https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ConfigSys.java line 310 --> https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ProxyResponse.java line 205 Finally, I'm writing the actual content: https://github.com/TremoloSecurity/OpenUnison/blob/1.0.9/unison/unison-server-core/src/main/java/com/tremolosecurity/proxy/ConfigSys.java line 316 --> line 515 I setup traces and have verified that the codes are being set properly, the response isn't committed until AFTER I write the content but for some reason the data isn't going back to the browser (the headers aren't either so its not just the content). The only thing thats sent back is the status code. Thanks > > >
Re: POST + 500 + Response returns no content
On 12 March 2017 05:12:09 GMT+00:00, Marc Boorshteinwrote: >I'm running tomcat 8.0.41 on a CentOS7 Docker container. Something >very >strange is happening. If I use a GET and return a 200 with JSON >content >the data gets back to my browser. But if I run a POST and return a 500 >with the content being JSON written to response.getOutputStream() >(including a flush) I get no content getting back to my browser. I can >see >the content being written and on a flush response is setting isCommited >to >true. What am I missing? How are you setting the response code? Mark - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: POST + 500 + Response returns no content
Am 12.03.2017 um 06:12 schrieb Marc Boorshtein: > What am I missing? > IMHO: * A code sample, and if that doesn't uniquely answer the next question: * Are you working directly on the Servlet API or involve any other library? (which version?) Without this, it's hard to give some suggestion with regards to code not working. Olaf - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
POST + 500 + Response returns no content
I'm running tomcat 8.0.41 on a CentOS7 Docker container. Something very strange is happening. If I use a GET and return a 200 with JSON content the data gets back to my browser. But if I run a POST and return a 500 with the content being JSON written to response.getOutputStream() (including a flush) I get no content getting back to my browser. I can see the content being written and on a flush response is setting isCommited to true. What am I missing? Thanks