[squid-users] Bad HTTP header error on non-standard HTTP response code

Amos Jeffries squid3 at treenet.co.nz
Wed Feb 6 20:15:52 UTC 2019


On 7/02/19 6:39 am, Ivan Larionov wrote:
> Hello.
> 
> We've recently noticed a difference in behavior between squid v3 and v4.
> 
> On HTTP response with non-standard 4-digits HTTP code, for example
> something like this:
> 
> HTTP/1.1 5009 Update Error
> Connection: Closed
> 
> {"code":500911,"message":"update record error"}


Well, according to the HTTP specification this is an HTTP/0.9 message
pretending to be an HTTP/1 message:

 HTTP/0.9 := [optional text] CRLF

 HTTP/1.x := "HTTP/1." DIGIT SP 3*DIGIT SP [optional text] CRLF


Due to complaints Squid-4 dropped implicit support for HTTP/0.9
responses to HTTP/1 requests. The client is now required to make an
HTTP/0.9 style request for 0.9 syntax to be expected.


> 
> squid 3 just passes this response to the client, but squid 4 returns 502
> with ERR_INVALID_RESP template and writes into cache.log:
> 
> WARNING: HTTP: Invalid Response: Bad header encountered from … AKA …
> 
> While I understand that 4-digits response code is not standard I'd like
> to know:
> 
> Is it expected behavior and is there an option to change squid 4
> behavior to match squid 3?

This is intentional behaviour. According to the specification the
recipient (Squid) MUST treat it as a malformed 500 response. It was a
bug in Squid-3 to pass the status unchanged.


PS. If you have any contact with people in charge of the server
producing these responses please contact them an encourage proper HTTP
syntax be used. The requirements are not particularly difficult and RFC
7230 series of documents are a lot clearer to understand than the old ones.

Amos


More information about the squid-users mailing list