diff options
| author | Maxim Dounin <mdounin@mdounin.ru> | 2018-01-11 21:43:49 +0300 |
|---|---|---|
| committer | Maxim Dounin <mdounin@mdounin.ru> | 2018-01-11 21:43:49 +0300 |
| commit | 3377c001191d13d5f7bfbb111c323152d91a9603 (patch) | |
| tree | 61cdd4823536103fd17e617bfe42b128fb3c742c /src/http/ngx_http_request.c | |
| parent | 9b81d3b1bb615398eb993a5e8ba51fb3e0b4bf6d (diff) | |
| download | nginx-3377c001191d13d5f7bfbb111c323152d91a9603.tar.gz nginx-3377c001191d13d5f7bfbb111c323152d91a9603.zip | |
Upstream: fixed "header already sent" alerts on backend errors.
Following ad3f342f14ba046c (1.9.13), it is possible that a request where
header was already sent will be finalized with NGX_HTTP_BAD_GATEWAY,
triggering an attempt to return additional error response and the
"header already sent" alert as a result.
In particular, it is trivial to reproduce the problem with a HEAD request
and caching enabled. With caching enabled nginx will change HEAD to GET
and will set u->pipe->downstream_error to suppress sending the response
body to the client. When a backend-related error occurs (for example,
proxy_read_timeout expires), ngx_http_finalize_upstream_request() will
be called with NGX_HTTP_BAD_GATEWAY. After ad3f342f14ba046c this will
result in ngx_http_finalize_request(NGX_HTTP_BAD_GATEWAY).
Fix is to move u->pipe->downstream_error handling to a later point,
where all special response codes are changed to NGX_ERROR.
Reported by Jan Prachar,
http://mailman.nginx.org/pipermail/nginx-devel/2018-January/010737.html.
Diffstat (limited to 'src/http/ngx_http_request.c')
0 files changed, 0 insertions, 0 deletions