Cause: mod_cgi returned 500 Internal Server Error error code when client failed to send the request before timeout.
Consequence: Client received 500 Internal Server Error code instead of 408 Timeout error code.
Fix: mod_cgi now returns 408 error code in this situation.
Result: Client receives 408 error code in this situation.
Description of problem:
When an HTTP request is sent to apache, if one specifies the content-length request header of X bytes and server doesn't receive X number of bytes within timeout period, 500 Internal Server Error is returned to the client by apache.
Version-Release number of selected component (if applicable):
Setting up mod_dav on httpd to handle PUTs and called a PUT request through curl with a Content-Length header that mismatches the actual size of the PUT content.
curl -k -v -i virtual1\\user1:test1 -H "Content-Type: text/plain; charset=utf-8" -H "Content-Length: 100" --data-binary 'test data' -X PUT "https://hostname/page"
It provides a 500 error code.
408 timeout code.
The reaction we get in this event (timing out before httpd receives the designated content-length) appears to depend on the module(s) ultimately used to serve that request. In the instance of the mod_dav reproducer, the mod_dav module likely just sees it didn't get all the expected content and so can't successfully put the file and so 500s. mod_dav likely doesn't specifically know that it doesn't get that content because httpd timed out the connection with the client and so it just provides a 500 for the mod_dav error putting that file, trumping any potential 408 provided instead at the base httpd level for such a timeout.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.