httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Cicimov <icici...@gmail.com>
Subject Re: [users@httpd] httpd 2.2.21: mod_cache incorrectly returns HTTP 200 for nonexistent reverse-proxied content
Date Thu, 26 Jul 2012 00:57:44 GMT
On Tue, Jul 24, 2012 at 12:28 AM, Glen Birnie <glen.birnie@bbc.co.uk> wrote:

> We have seen an issue in httpd 2.2.21 where mod_cache incorrectly returns
> HTTP 200 responses instead of HTTP 404 where:
>
> - Reverse proxying is configured.
> - ProxyErrorOverride is set to On.
> - mod_disk_cache is set up to cache content proxied from mod_proxy.
> - A local ErrorDocument 404 URL is configured.
> - The error document URL is requested and the contents cached by
> mod_disk_cache.
> - A nonexistent URL is routed to the proxy destination, the destination
> proxy returns a 404, but mod_cache returns the configured ErrorDocument
> content with an incorrect 200 response.
>
> We have done some searching of the list archives and bug database but have
> not seen reports of any similar problems.
>
> ---
>
> Steps to reproduce:
>
> - Create an error image and write to the document root (we assume URI
> /error.jpg in the examples below).
>
> - Setup a mod_disk_cache directory (we assume
> /data/httpcache/httpd/cache-root) with the necessary permissions.
>
> - Use configuration akin to the following (set "proxy.destination" /
> "web.proxy" as appropriate):
>
> <IfModule !mod_cache.c>
> LoadModule cache_module modules/mod_cache.so
> </IfModule>
>
> <IfModule !mod_disk_cache.c>
> LoadModule disk_cache_module modules/mod_disk_cache.so
> </IfModule>
>
> <IfModule !mod_rewrite.c>
> LoadModule rewrite_module modules/mod_rewrite.so
> </IfModule>
>
> <IfModule !mod_proxy.c>
> LoadModule proxy_module modules/mod_proxy.so
> </IfModule>
>
> <IfModule mod_cache.c>
>   <IfModule mod_disk_cache.c>
>     CacheRoot /data/httpcache/httpd/cache-root
>     CacheDirLevels 3
>     CacheDirLength 1
>     CacheMinFileSize 0
>     CacheMaxFileSize 1000000
>   </IfModule>
> </IfModule>
>
> CacheEnable disk /
>
> ProxyErrorOverride On
> ProxyPassReverse / http://proxy.destination/
>
> # Configure this if the destination server resides behind a proxy
> #ProxyRemote http://proxy.destination/ http://web.proxy:80
>
> <Location /proxystuff/>
>   RewriteEngine On
>   RewriteRule /proxystuff/error$ /error.jpg [L]
>   RewriteRule /proxystuff/get http://proxy.destination%{REQUEST_URI} [P,L]
>
>   # This image should reside in the document root,
>   # i.e. return a HTTP 200 when requested
>   ErrorDocument 404 /error.jpg
> </Location>
>
>
> - Request the error image e.g.:
>
> curl -Lsv -H 'Pragma: ' -o /dev/null http://localhost/error.jpg
>
> This should get written into the cache:
>
> htcacheclean -a -D -p /data/httpcache/httpd/cache-root
>
>
> - Request a nonexistent proxied URL e.g.:
>
> curl -Lsv -H 'Pragma: ' -o /dev/null http://localhost/proxystuff/get
>
> An incorrect HTTP 200 response is returned instead of the expected HTTP
> 404.
> Note this does not happen if the CacheEnable directive is disabled.
>
> It appears that mod_cache is returning a cached 404 errordocument response
> and assuming that (because this exists) a 200 should be issued, rather than
> forwarding the 404 response from the destination proxy server.
>
>
> Glen
>
>
> http://www.bbc.co.uk/
> This e-mail (and any attachments) is confidential and may contain personal
> views which are not the views of the BBC unless specifically stated.
> If you have received it in error, please delete it from your system.
> Do not use, copy or disclose the information in any way nor act in
> reliance on it and notify the sender immediately.
> Please note that the BBC monitors e-mails sent or received.
> Further communication will signify your consent to this.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Use CacheDisable directive to disable caching for your custom error pages,
something like this:

CacheDisable /your_custom_err_pages

and put 404 page inside

Also according to the documentation you can use the no-cache environment
variable to disable caching on finer grained set of resources.

Igor

Mime
View raw message