how to trigger "proxy_next_upstream invalid_header"?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

how to trigger "proxy_next_upstream invalid_header"?

Jeffrey 'jf' Lim
This is more of a curiosity thing, I guess, than anything else, but...
how do you trigger an "proxy_next_upstream invalid_header" when
testing?

I've tried basically sending random text from an upstream ('nc -l')...
but nginx holds on to the connection and ends up triggering a
"timeout" instead. If I send random text, and then close the
connection, the random text still gets sent to the client, and no next
peer is tried.

-jf

--
He who settles on the idea of the intelligent man as a static entity
only shows himself to be a fool.
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: how to trigger "proxy_next_upstream invalid_header"?

Roman Arutyunyan
Hi Jeffrey,

On Thu, Jan 25, 2018 at 05:41:50PM +0800, Jeffrey 'jf' Lim wrote:
> This is more of a curiosity thing, I guess, than anything else, but...
> how do you trigger an "proxy_next_upstream invalid_header" when
> testing?
>
> I've tried basically sending random text from an upstream ('nc -l')...
> but nginx holds on to the connection and ends up triggering a
> "timeout" instead. If I send random text, and then close the
> connection, the random text still gets sent to the client, and no next
> peer is tried.

The easiest way is to send the status line + header bigger than
proxy_buffer_size bytes.  Another way is to send a null byte somewhere in the
response header.  You can also try sending broken line and header termination:
CR followed by a non-LF byte.

--
Roman Arutyunyan
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: how to trigger "proxy_next_upstream invalid_header"?

Jeffrey 'jf' Lim
On Thu, Jan 25, 2018 at 8:22 PM, Roman Arutyunyan <[hidden email]> wrote:

> Hi Jeffrey,
>
> On Thu, Jan 25, 2018 at 05:41:50PM +0800, Jeffrey 'jf' Lim wrote:
>> This is more of a curiosity thing, I guess, than anything else, but...
>> how do you trigger an "proxy_next_upstream invalid_header" when
>> testing?
>>
>> I've tried basically sending random text from an upstream ('nc -l')...
>> but nginx holds on to the connection and ends up triggering a
>> "timeout" instead. If I send random text, and then close the
>> connection, the random text still gets sent to the client, and no next
>> peer is tried.
>
> The easiest way is to send the status line + header bigger than
> proxy_buffer_size bytes.  Another way is to send a null byte somewhere in the
> response header.  You can also try sending broken line and header termination:
> CR followed by a non-LF byte.
>

thank you, Roman. I actually tried using the null byte and "CR
followed by non-LF" method first. Those, despite what I tried,
unfortunately did not work (for a null byte, I tried various places in
response headers: part of the header name, part of the header value;
no luck). In the end though, I managed to do it by sending a large
header, and that worked.

thanks,
-jf
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx