This initially looked similar to bug 60717, but it seems like that might be a coincidence. If the configured ws:// backend for a proxy_wstunnel request immediately returns a final response code and closes the connection instead of upgrading, proxy_wstunnel will send an extra "Bad Gateway" response body after the response that has already been sent. Here's an example where the backend is responding to a client that hasn't sent a supported Sec-WebSocket-Version: HTTP/1.1 400 Bad Request Date: Wed, 12 Jul 2017 16:54:20 GMT Server: Apache/2.4.28-dev (Unix) OpenSSL/1.0.2g Sec-WebSocket-Version: 13,8,7 Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> </p> </body></html> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>502 Bad Gateway</title> </head><body> <h1>Bad Gateway</h1> <p>The proxy server received an invalid response from an upstream server.<br /> </p> </body></html>
It looks like the code added in r1669299 might be backwards? It sets the `replied` flag if the client sends data, but it seems like we wanted it to be set if the server sends data.
Actually it was fixed in r1754164, but never proposed for backport (my bad).
Is there any wiggle room to consider backporting this? It affects more than just 502 responses; in my experience, *any* time the backend server sends a valid WS payload and closes the connection right away triggers this bug. My application is a log tailer, and any time I fetch a log that’s already completed I run into this bug. I observed it in 2.4.25. I didn’t try 2.4.27.
Proposed for backport with r1801997.
(In reply to felipe from comment #3) > It affects more than just 502 responses; in my experience, *any* time the > backend server sends a valid WS payload and closes the connection right away > triggers this bug. I've updated the bug title to help other people looking for this problem; thanks for pointing it out.
Backported to 2.4.28 in r1802144.