On Thu, Jun 25, 2020 at 11:33:29AM -0400, anish10dec wrote:
> Nginx Upstream returning 400 Bad Request if null character is being passed
> in the request as part of uri or query params.
> Is there a way Null Character can be removed from request before proxying
> it to upstream.
> Its only known from access logs that null character is being passed in
> request as \x00 and causing the failure
The null character is not allowed in the HTTP request line, and
hence nginx returns 400 (Bad Request) error.
> How to identify the Null Character and remove it ?
You can't. Instead, consider fixing the client to generate HTTP
This is being caused by akamai_token_validate_strip_token directive which
strips the token and forwards request to upstream server.
While striping the token and passing the remaining request to upstream
stream its appending null character at the end.
If there is no any additional query param in request apart from token , then
there is no issue in handling.
no offense to the OP, but i love Maxim. Direct and to the point, and in this case, as usual, he is correct. You should not look at what the requester wants, before understanding what the sender should provide.