RE: Apache failing on invalid header. Is there a way to allow apache to proceed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: RE: Apache failing on invalid header. Is there a way to allow apache to proceed?
From: "Brown Chris-CCB034" <Christopher.Brown@xxxxxxxxxxxx>
Date: Fri, 21 Dec 2007 11:22:20 -0500
In-reply-to: <EDF27F298D4B03498AE0C249A941DFF8026F88FF@xxxxxxxxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx
Thread-index: AchD7HtFISBxbKS8T86wb3ZKN+QAiwAAJb1gAAAcYrA=
Thread-topic: Apache failing on invalid header. Is there a way to allow apache to proceed?

Also, we're seeing Apache allow the GET request to proceed, but the failed response below is returned on the POST request. Why is it not failing on the GET request, even though the same bad header format is present?

Thanks,

Chris

From: Brown Chris-CCB034
Sent: Friday, December 21, 2007 10:19 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Apache failing on invalid header. Is there a way to allow apache to proceed?

I'm seeing a request come in with a bad http header. This is the tail end of the message:

00c0 74 2f 76 33 2f 76 33 76 31 2e 78 6d 6c 0d 0a 78   t/v3/v3v 1.xml..x
00d0 2d 75 70 2d 63 61 6c 6c 69 6e 67 2d 6c 69 6e 65   -up-call ing-line
00e0 2d 69 64 3a 20 31 36 33 30 39 38 31 37 32 33 39   -id: 163 09817239
00f0 0d 0a 50 0e 92 0d 0a 43 6f 6e 74 65 6e 74 2d 54   ..P....C ontent-T
0100 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e   ype: app lication

This is a portion of the Apache response:

0x0140: 3e3c 626f 6479 3e0a 3c68 313e 4261 6420 ><body>.<h1>Bad.
0x0150: 5265 7175 6573 743c 2f68 313e 0a3c 703e Request</h1>.<p>
0x0160: 596f 7572 2062 726f 7773 6572 2073 656e Your.browser.sen
0x0170: 7420 6120 7265 7175 6573 7420 7468 6174 t.a.request.that
0x0180: 2074 6869 7320 7365 7276 6572 2063 6f75 .this.server.cou
0x0190: 6c64 206e 6f74 2075 6e64 6572 7374 616e ld.not.understan
0x01a0: 642e 3c62 7220 2f3e 0a52 6571 7565 7374 d.<br./>.Request
0x01b0: 2068 6561 6465 7220 6669 656c 6420 6973 .header.field.is
0x01c0: 206d 6973 7369 6e67 2027 3a27 2073 6570 .missing.':'.sep
0x01d0: 6172 6174 6f72 2e3c 6272 202f 3e0a 3c70 arator.<br./>.<p
0x01e0: 7265 3e0a 500e 923c 2f70 7265 3e0a 3c2f re>.P..</pre>.</
0x01f0: 703e 0a3c 2f62 6f64 793e 3c2f 6874 6d6c p>.</body></html

Apache is failing on the P.. header because it doesn't contain the required ":" format. As must as we would like to, suffice to say we cannot change the behavior of the submitted request. What options do I have within Apache to allow this bad request to proceed? Is there a way to turn off Apache's strict header checking? Or am I looking at making a custom modification to the Apache source code for this specific case?

Help is greatly appreciated.

Thanks,

Chris

References:
- Apache failing on invalid header. Is there a way to allow apache to proceed?
  - From: Brown Chris-CCB034

Prev by Date: Apache failing on invalid header. Is there a way to allow apache to proceed?
Next by Date: Re: Apache failing on invalid header. Is there a way to allow apache to proceed?
Previous by thread: Apache failing on invalid header. Is there a way to allow apache to proceed?
Next by thread: Re: Apache failing on invalid header. Is there a way to allow apache to proceed?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]