On Thu, 2006-10-19 at 21:42 +1000, Marcus Ogden wrote: > Hello, > > A client of ours using the Squid proxy server (version > 2.5.STABLE6-3.4E.12.1) on Red Hat Enterprise Linux 4 is experiencing a > problem when running our .NET 2.0 client application, which communicates > with a .NET 2.0 web service on our server. > > When our client application sends an HTTP 1.1 request through the Squid > proxy to our server, it receives the error: > > "The server committed a protocol violation. Section=ResponseStatusLine" > > Other clients not using Squid are not experiencing this problem. > > Researching this, we've found a few posts that report similar problems > using .NET 2.0 web services and/or the HTTP 1.1 protocol through Squid, > e.g. > > http://forums.asp.net/thread/1194960.aspx > http://groups.google.to/group/microsoft.public.dotnet.framework.remoting > /msg/dae1a8e9eed3dcf3?dmode=source > http://www.squid-cache.org/mail-archive/squid-users/200606/0534.html > > We've also tried the suggestion in > http://forums.asp.net/thread/1284850.aspx to set the > useUnsafeHeaderParsing property in the client .NET application's config > file to "true", but our client reports this hasn't solved the problem. > > Any suggestions on how we can resolve this issue would be much > appreciated. The server is sending malformed HTTP headers. This could be either: * The server is non conformant or * Someone is attempting an HTTP smuggling attack against your client. For the former you can tell squid to be more relaxed about HTTP parsing [see squid.conf.default] : this will disable the protection against HTTP smuggling attacks though. For the latter - get a log of the traffic and you can inspect it for validity. -Rob -- GPG key available at: <http://www.robertcollins.net/keys.txt>.
Attachment:
signature.asc
Description: This is a digitally signed message part
