Bug 60330

Summary: reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not
Product: Apache httpd-2 Reporter: Jay R. Wren <jrwren>
Component: mod_proxy_httpAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: NEW ---    
Severity: normal CC: jim, jon.abourbih, post
Priority: P2    
Version: 2.4.23   
Target Milestone: ---   
Hardware: PC   
OS: All   
Attachments: in the reverse proxy case, if request had Expects: 100-continue, delay writing 100 continue response until backend has sent 100-continue response
Forward 100-continue (and minimize race when reusing backend connections)

Description Jay R. Wren 2016-11-02 16:07:57 UTC
Reverse proxy of 100-continue aware backend, sends 100 continue even when backend does not. This causes a client to think it should write a request body, while the backend may still respond with a 400 and not read the request body. mod_proxy_http then responds with 502 as a result of AH01097: pass request body failed

The backend is doing the right thing: it did not send a 100 continue so it should not be required to read a request body, regardless of transfer encoding or content-length.

Expected:

mod_proxy_http reverse proxy should not send 100-continue to a client unless the backend does.
Comment 1 Jay R. Wren 2016-11-11 22:28:03 UTC
Created attachment 34438 [details]
in the reverse proxy case, if request had Expects: 100-continue, delay writing 100 continue response until backend has sent 100-continue response
Comment 2 Yann Ylavic 2016-11-16 00:07:40 UTC
Created attachment 34451 [details]
Forward 100-continue (and minimize race when reusing backend connections)

I proposed this patch a while ago on the dev@ list ([1]), this is an update for latest trunk, with more (though incomplete) testing.

Could you please give it a try?

[1]. https://lists.apache.org/thread.html/4e541e032b8a77ebec8248534637b47cdcd4f38af79baa5259845db0@1430360070@%3Cdev.httpd.apache.org%3E
Comment 3 Jim Jagielski 2016-11-21 20:25:22 UTC
*** Bug 55433 has been marked as a duplicate of this bug. ***
Comment 4 Jay R. Wren 2016-12-09 03:08:26 UTC
Yann,

I tried that patch, but I still get 503 error when expecting a 100 Continue response.