Michael Alger wrote:
On Tue, Jul 15, 2008 at 03:39:46AM +0900, Patson Luk wrote:
We are using SQUID 3.0 as a reverse proxy on our server and it
boosts the performance a lot!
However, we have problems when some of the requests are coming in
as XML files. On several forums there are mentions that SQUID is
only HTTP 1.0 compliant hence those XML files comes in as chunked
code-encoding in HTTP1.1 would fail with error code 501 (Not
Implemented)
This is a well known bug with certain releases of squid.
http://squidproxy.wordpress.com/2008/04/29/chunked-decoding/
# 'Fix' broken sites by removing Accept-Encoding header
acl broken dstdomain ...
request_header_access Accept-Encoding deny broken
I have tried SQUID 2.6 but we still get TCP_DENIED/501 in the
access.log
There are several ways I can think of that might fix the
problem...but I dun quite know how to implement them :( (SQUID and
our server are on the same machine)
1. Make SQUID to ignore all the PUT/POST request ...but as far as
SQUID is trying to forward them...it fails
I think you're probably correct in that squid can't deal with it
properly, as HTTP/1.1 support is both very basic and experimental so
far. As far as I can tell, the support in 2.6 is mostly a workaround
to fix specific problems (servers returning chunked encoding in response
to HTTP/1.0 requests), and not a general solution.
I do somewhat wonder why the clients are sending HTTP/1.1 requests
to a HTTP/1.0 server in the first place, but I'm not exactly sure
how "negotiation" occurs since the client doesn't know the version
of the server until after it has sent its request.
Client sending HTTP/1.1 is fine. All the request contains is optional
values which the server considers when sending the reply. BUT it MUST
NOT send a response of higher HTTP version than the client used. Usually
not allowed to send anything but plain text anyway unless the client
allows other stuff.
Squid will send the 1.0 response just fine to a 1.1 client, using 1.0
methods. The 1.1 problems seen are occuring with 1.1 servers sending
back data (like chunked encoding) when Squid sent a 1.0 request out with
certain 1.1 headers it got from the client.
2. Make SQUID to only catch/forward requests on certain domain
name. For example we have domain name a.com and b.com both runs
on the SAME IP, SAME machine...is it possible to configure SQUID
such that it only touches/forwards stuff that comes in as a.com
but b.com just does not get thru SQUID at all?
I don't think this is possible, as you'd need to bypass squid at the
network layer, before the client makes a connection to squid. At
that point the only things you have to go on are the IP addresses
and ports in the connection request -- the domain name being
requested isn't known until the connection has been established and
the HTTP request is sent.
Right. Its impossible for squid to do this. That has to be done at the
browser. But if its just chunked encoding, see the hack above.
If possible, I'd try to get another IP address for the system as
that would probably be the cleanest way to handle it, assuming you
can force all the "bad" requests to go to a particular IP address.
3. (least favorite) Put some stuff on top of SQUID (that can
forward to different PORT based on request type/domain name), etc.
if its a GET request, forward to PORT 83 (with caching) and PORT
80 for other request types. A servlet can probably do it...but I
really dun want to :(
This is probably what you'll need to do. If you're familiar with
Apache it might be worth looking at mod_proxy; possibly it has
better support for chunked encoding. Then again, it might not.
Luckily not.
Amos
--
Please use Squid 2.7.STABLE3 or 3.0.STABLE7
