Re: what constitutes an "invalid" content-length

Willy Tarreau <w@1wt.eu> Tue, 12 July 2016 21:45 UTC

Date: Tue, 12 Jul 2016 23:40:03 +0200
From: Willy Tarreau <w@1wt.eu>
To: Adrien de Croy <adrien@qbik.com>
Cc: Patrick McManus <mcmanus@ducksong.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

Hi Adrien,

On Tue, Jul 12, 2016 at 03:24:05PM +0000, Adrien de Croy wrote:
> 
> In this case, it's a fairly popular site in Norway (mytribe.no) running
> through a relatively recent nginx (1.8.1 Jan 2016).
> 
> I would have expected that the static css file would come from the reverse
> proxy cache and so should have had C-L validated/fixed, maybe it didn't and
> the bad C-L is coming from the back end.

If it was bad in the backend, normally the front reverse proxies would not
forward the extra data. So I guess instead that the frontend is broken. Also
you're probably seeing nginx only because it's the one advertising its name
but you don't necessarily see what blackbox runs in front of it. If it's an
ad injector or whatever similar device, you can reasonably expect it to be
broken by default :-/

> But in any case, this isn't really an example of an old or legacy site.
> 
> I guess it's always a problem when any single browser makes a stand.  What
> we need is for all the browsers to do the same thing.  Then the users can't
> say "but it works in xxx browser", and site operators have no choice but to
> fix it.

You forget that people first consider that their browser got broken by an
upgrade and revert to the old version. And I'm the first one to do this,
I have a terrible experience of constantly changing interfaces forcing me
to stay as long as possible on a given version. Similarly if users see that
their browser reports broken objects on their favorite web site after an
upgrade, they'll simply revert to the previously working version. And that
can be much worse because they suddenly stop applying any security fixes
for as long as they can...

Willy