Re: WGLC p1: proxy handling of a really bad Content-Length

Willy Tarreau <w@1wt.eu> Wed, 01 May 2013 07:27 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1098321F8D90 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 May 2013 00:27:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.544
X-Spam-Level:
X-Spam-Status: No, score=-10.544 tagged_above=-999 required=5 tests=[AWL=0.055, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 83R97bsbzSPe for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 May 2013 00:27:39 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id AF90621F8D2C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 1 May 2013 00:27:39 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UXRRl-0004ac-NK for ietf-http-wg-dist@listhub.w3.org; Wed, 01 May 2013 07:27:25 +0000
Resent-Date: Wed, 01 May 2013 07:27:25 +0000
Resent-Message-Id: <E1UXRRl-0004ac-NK@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UXRRc-0004ZE-Gv for ietf-http-wg@listhub.w3.org; Wed, 01 May 2013 07:27:16 +0000
Received: from 1wt.eu ([62.212.114.60]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UXRRa-00012G-AO for ietf-http-wg@w3.org; Wed, 01 May 2013 07:27:16 +0000
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id r417QiQL028951; Wed, 1 May 2013 09:26:44 +0200
Date: Wed, 1 May 2013 09:26:44 +0200
From: Willy Tarreau <w@1wt.eu>
To: Alex Rousskov <rousskov@measurement-factory.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>, Mark Nottingham <mnot@mnot.net>
Message-ID: <20130501072644.GI27137@1wt.eu>
References: <5180B982.9050003@measurement-factory.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5180B982.9050003@measurement-factory.com>
User-Agent: Mutt/1.4.2.3i
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=-4.3
X-W3C-Hub-Spam-Report: AWL=-1.766, RP_MATCHES_RCVD=-2.509, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1UXRRa-00012G-AO 2ec0e256885f483eea44085fc3e490e6
X-Original-To: ietf-http-wg@w3.org
Subject: Re: WGLC p1: proxy handling of a really bad Content-Length
Archived-At: <http://www.w3.org/mid/20130501072644.GI27137@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/17751
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Wed, May 01, 2013 at 12:43:14AM -0600, Alex Rousskov wrote:
> Hello,
> 
>     When talking about dealing with malformed responses, HTTPbis p1
> Section 3.3.3 says:
> 
> > the proxy MUST discard the received response, send a 502 (Bad
> > Gateway) status code as its downstream response, and then close the
> > connection.
> 
> Which connection MUST the proxy close: upstream or downstream? If you
> guessed downstream because the connection must be closed only _after_
> the 502 downstream response is sent, you guessed wrong :-).
> 
> The proxy MUST close the upstream connection and it may do that
> immediately, without waiting for the 502 response to be sent on the
> downstream connection. This was discussed around 2011/11/28, and I think
> Mark agreed that a fix is needed but the text was never changed.
> 
> Also, the current wording suggests sending "status code" as a response,
> which is not the intent, of course.
> 
> 
> Suggested fix:
> 
>   the proxy MUST close the upstream connection, discard the received
>   response, and send a 502 (Bad Gateway) response downstream.

I think we should never use the terms "upstream" and "downstream" since
they're ambiguous due to the fact that connections are bidirectional.
We'd rather use "connection to the client" and "connection to the server".
So I would suggest :

   the proxy MUST close the connection to the server, discard the received
   response, and send a 502 (Bad Gateway) response to the client.

Willy