Solved!! I realized that at the same time of the warnings, i have at access.log the next entries: [28/Feb/2011:08:34:59 +0100] "POST http://activate.pdfcreator-toolbar.org/toolbar/activate.php HTTP/0.0" 400 1733 NONE:NONE [28/Feb/2011:08:34:59 +0100] "POST http://activate2.pdfcreator-toolbar.org/toolbar/activate.php HTTP/0.0" 400 1733 NONE:NONE So it is a toolbar that sometimes PDF Creator installs, and it's trying to make those connections. Just uninstall it and everything ok. Thanks Amos for putting me on the track. 2011/2/25 Amos Jeffries <squid3@xxxxxxxxxxxxx>: > On 25/02/11 22:39, Gontzal wrote: >> >> Hi list, >> >> I always have this messages on my cache.log, but i've never been >> worried about them, it is just curiosity to know what this means and >> if I can solve it: >> >> The message is: >> >> 2011/02/25 09:53:53| WARNING: HTTP header contains NULL characters >> {Accept: */*^M >> Content-Type: application/x-www-form-urlencoded} >> > > Exactly what is says. The HTTP headers contain a NULL character. > Older Squid will only display one {} section with the NULL byte being right > after the last displayed character. 3.x will display two {} sections with > the text "NULL" in between to indicate the problem better. > > > Squid should be aborting the request unanswered and closing the TCP link > involved. This is sign of an attack on the HTTP service, although it can be > done by badly broken software unintentionally. > > In this case the Content-Type indicates the headers came from some client > agent. I don't think its a browser since they are usually sending correct > HTTP requests. > > If you have time it is worth tracking down where these come from and seeing > what can be done to fix the source. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE9 or 3.1.11 > Beta testers wanted for 3.2.0.5 >
