Bug 65370 - "not Websocket" loglevel too low or wrong response code
Summary: "not Websocket" loglevel too low or wrong response code
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy_wstunnel (show other bugs)
Version: 2.4.38
Hardware: PC Linux
: P2 minor (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2021-06-10 12:03 UTC by Niels
Modified: 2021-06-10 12:05 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Niels 2021-06-10 12:03:56 UTC
When a non WebSocket connection is made to a WebsScket endpoint, Apache returns error 500. The cause of this only shows up in debug loglevel. In my opinion, a 500 response (aka. internal server ERROR) should not log to debug, but to a higher level, eg. warn.

Example Log.

[2021-06-10 12:28:52.369642] [proxy_http:debug] YMHpZDtBmWovu2H73X2mGwAACQA AH01113: HTTP: declining URL ws://
[2021-06-10 12:28:52.369665] [proxy_wstunnel:debug] YMHpZDtBmWovu2H73X2mGwAACQA AH02900: declining URL ws://  (not WebSocket, Upgrade: header is missing)

Alternatively, a 400 Bad Request could be returned, as per RFC 6455.

4.2.1.  Reading the Client's Opening Handshake

   When a client starts a WebSocket connection, it sends its part of the
   opening handshake.  The server must parse at least part of this
   handshake in order to obtain the necessary information to generate
   the server part of the handshake.

   The client's opening handshake consists of the following parts.  If
   the server, while reading the handshake, finds that the client did
   not send a handshake that matches the description below (note that as
   per [RFC2616], the order of the header fields is not important),
   including but not limited to any violations of the ABNF grammar
   specified for the components of the handshake, the server MUST stop
   processing the client's handshake and return an HTTP response with an
   appropriate error code (such as 400 Bad Request).

Even then, i think debug would be too low for logging this.

What do you think aboout this?
Comment 1 Niels 2021-06-10 12:05:59 UTC
Maybe the 400 is a bad idea, as it is usually a server configuration error.