Bug 106454 - ProxyPass modifies http header removing Content-Length field
ProxyPass modifies http header removing Content-Length field
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: httpd (Show other bugs)
9
All Linux
low Severity medium
: ---
: ---
Assigned To: Joe Orton
David Lawrence
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-10-07 06:05 EDT by Pedro Bezunartea
Modified: 2007-03-27 00:10 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-12-16 16:45:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
This is a tcpdump from the client with the browser (3.93 KB, application/octet-stream)
2003-10-07 07:23 EDT, Pedro Bezunartea
no flags Details
tcpdump from the server to the camera (5.66 KB, application/octet-stream)
2003-10-07 07:24 EDT, Pedro Bezunartea
no flags Details
tcpdump from the server to the camera (5.66 KB, application/octet-stream)
2003-10-07 07:25 EDT, Pedro Bezunartea
no flags Details
Tcpdump of comm. from the client to the server (11.14 KB, application/octet-stream)
2003-10-07 10:58 EDT, Pedro Bezunartea
no flags Details
Tcpdump of comm. from apache server to the camera. (25.25 KB, application/octet-stream)
2003-10-07 11:01 EDT, Pedro Bezunartea
no flags Details
Tcpdump client-server with downgrade-1.0 directive (49.85 KB, application/octet-stream)
2003-10-09 06:30 EDT, Pedro Bezunartea
no flags Details
Tcpdump server-camera with downgrade-1.0 directive (58.30 KB, text/plain)
2003-10-09 06:31 EDT, Pedro Bezunartea
no flags Details

  None (edit)
Description Pedro Bezunartea 2003-10-07 06:05:39 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/0

Description of problem:
I use the ProxyPass to access several JVC VNetwork Cameras connected to a Linux
Server (RH 9). I use the following lines in httpd.conf:
ProxyPass /camera1 http://192.168.0.1
ProxyPass /camera2 http://192.168.0.2
...

The problem started when I updated the httpd server from version 2.0.40-21.3 to
2.0.40-21.5. The request was http://server/camera2/java.jpg which is a live
image taken from the JVC VN-C10U camera internal web server, and the http header
changed from version 2.0.40-21.3:
-----------------------------
HTTP/1.1 200 OK
Date: Fro, 03 Oct 2003 11:02:33 GMT
Server: JVC/1.1
Content-Type: image/jpeg
Cache-Control: no-cache
Pragma: no-cache
ETag: "54651516"
Content-Length: 18932
Connection: close
-----------------------------

To version 2.0.40-21.5:
-----------------------------
HTTP/1.1 200 OK
(... same as before)
ETag: "54447730"
Connection: close
Transfer-Encoding: chunked
-----------------------------

If you try to load the image from a browser it works fine, but the Java applet
the camera includes to see live images doesn't. I guess it needs a
Content-Length http header field. All the applet does is to load via
http://server/camera2/java.jpg and show it in the applet.


Version-Release number of selected component (if applicable):
2.0.40-21.5

How reproducible:
Always

Steps to Reproduce:
1. Add the following line in httpd.conf:
ProxyPass /camera http://80.25.71.40:4001
(I've setup a camera to be available at that address.)
2. Restart apache web server (2.0.40-21.5)
3. With a java-ready browser load the following:
http://your-server/camera/java-e.html


Actual Results:  The applet loads fine, but the images don't.

Expected Results:  The applet should be able to load the images the same way as
if you were directly connected to the camera: http://80.25.71.40:4001/java-e.html


Additional info:
Comment 1 Joe Orton 2003-10-07 06:11:49 EDT
That in itself is not a bug - it may be that the applet is buggy.

Can you capture a complete network trace between the applet and the server (and
applet and proxy) with "tcpdump -w" and attach that?

It may be you need a BrowserMatch to force an HTTP/1.0 response to the applet, try 
something like the existing:

BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
Comment 2 Pedro Bezunartea 2003-10-07 07:23:11 EDT
Created attachment 94976 [details]
This is a tcpdump from the client with the browser
Comment 3 Pedro Bezunartea 2003-10-07 07:24:16 EDT
Created attachment 94977 [details]
tcpdump from the server to the camera
Comment 4 Pedro Bezunartea 2003-10-07 07:25:34 EDT
Created attachment 94978 [details]
tcpdump from the server to the camera

Both dumps were made with apache version 2.0.40-21.5.
Comment 5 Joe Orton 2003-10-07 08:34:58 EDT
Sorry, that needs to be "tcpdump -s0 -w" otherwise tcpdump only captures a few
bytes of packet data.  Can you redo?
Comment 6 Pedro Bezunartea 2003-10-07 10:58:58 EDT
Created attachment 94987 [details]
Tcpdump of comm. from the client to the server

I added the line 'BrowserMatch "Java/1" force-response-1.0' first, and
'BrowserMatch "Java/1.4.2_01" force-response-1.0' later, but neither made a
difference.
Comment 7 Pedro Bezunartea 2003-10-07 11:01:47 EDT
Created attachment 94988 [details]
Tcpdump of comm. from apache server to the camera.

This file is related to the previous attachment #94987 [details].
Comment 8 Joe Orton 2003-10-08 05:31:07 EDT
Try "downgrade-1.0" in the BrowserMatch line as well.  The traces seem to show
the server acting correctly, but the Java client is closing the connection as
soon as it receives the chunked response.
Comment 9 Pedro Bezunartea 2003-10-09 04:45:08 EDT
Added the following line to httpd.conf:
BrowserMatch "Java/1" force-response-1.0 downgrade-1.0
But the applet still doesn't work. Is there a way to make the ProxyPass work
like the previous version?
Comment 10 Joe Orton 2003-10-09 05:05:45 EDT
Can you attach the tcpdump between client and server in that configuration?
Comment 11 Pedro Bezunartea 2003-10-09 06:30:28 EDT
Created attachment 95067 [details]
Tcpdump client-server with downgrade-1.0 directive
Comment 12 Pedro Bezunartea 2003-10-09 06:31:28 EDT
Created attachment 95068 [details]
Tcpdump server-camera with downgrade-1.0 directive
Comment 13 Joe Orton 2003-10-09 06:45:52 EDT
The bottom line is that the proxy is compliant with the HTTP specification, but
the Java applet is not at all compliant.

We'll look into adding a workaround for this to preserve the Content-Length
header if possible; apparently the "Windows Update" client has the same, severe,
problem.
Comment 14 Joe Orton 2003-11-04 09:31:16 EST
There are packages here which might fix this problem:

http://people.redhat.com/jorton/9-httpd/

can you try these out?
Comment 15 Pedro Bezunartea 2003-11-04 13:27:08 EST
Tryed and worked just fine :)

Thanks, Pedro.
Comment 16 Mark J. Cox (Product Security) 2003-12-16 16:45:24 EST
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2003-320.html

Note You need to log in before you can comment on or make changes to this bug.