Re: HTTPD 2.2.17 removes/filters http header 'Warning' from response

[Anoop L <anpl1980@xxxxxxxxx>]

Thank you so much Eric and Tom.

We do not use warn-date in the response header. I added that. Still header 'Warning' missing. 

HTTP/1.1 200 OK

Date: Fri, 07 Sep 2012 06:49:39 GMT

Server: Apache-Coyote/1.1

Accept: application/json

Content-Length: 468

Content-Type: application/json

warn-date: 2012-11-05T08:15:30-05:00

Warning1: This API has been deprecated and may not be supported after 2012-11-05T08:15:30-05:00

Thinking if the date at the end of warning message can be the issue, I removed that still warning is filtered.

Thanks,

Anoop

On Thu, Sep 6, 2012 at 8:15 PM, Tom Evans <tevans.uk@xxxxxxxxxxxxxx> wrote:

On Thu, Sep 6, 2012 at 12:27 PM, Eric Covener <covener@xxxxxxxxx> wrote:
> On Thu, Sep 6, 2012 at 6:59 AM, Anoop L <anpl1980@xxxxxxxxx> wrote:
>> Hi All,
>>
>> We  use HTTPD 2.2.17  with Mod_ssl and Mod_proxy in front of HA_proxy to
>> terminate https.
>>
>> When the backend sends http header named 'Warning' HTTPD removes that from
>> response sent to client. I tried adding a customer header value named
>> 'Warning1' and client gets that value in response. Any idea why Apache
>> filters 'Warning' header is it a bug or related to security.
>>
>> Any help would be appreciated.
>
> It looks like mod_proxy filters warnings that have a date in the
> warning that doesn't match the backend Date: header.
>

As required by the RFC:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.46

(Final paragraph in that section)

Cheers

Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx