httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Iliffe <john.ili...@iliffe.ca>
Subject Re: [users@httpd] Odd Date in http2 header
Date Sun, 09 Apr 2017 17:53:52 GMT
Thanks for the response Stefan.  Much appreciated.

The following results are from a vhost with the following configuration; 
just the default vhost on a named virtual host system.

This is in the main server configuration and is REQUIRED by the e-commerce 
folks (PCIA) to get a clean scan report ;-(

---------------------------------
Header always append X-Frame-Options SAMEORIGIN
---------------------------------

This is the first, therefore default, named virtual host entry.  It is just 
our test server so it has a plain vanilla configuration.

--------------------------------
# Allow access to the directory where we store the pages
<Directory /httpd >
  Options FollowSymLinks
  Require all granted
</Directory>

# Default host (www.iliffe.ca)
# This one picks up all IP based hacker garbage too
<VirtualHost *:80>
   ServerName www.iliffe.ca
   DocumentRoot /httpd/iliffe
   Options FollowSymLinks
   H2Direct on
</VirtualHost>
----------------------------------

All the following were taken with:

-----------------------------------
curl --http2 -I http://192.168.1.6
-----------------------------------

In all cases the "H2SerializeHeaders on" directive is commented out.

First try, mod_http2 is active and the connect changes to http2.  Note that 
date is wrong and etag value is preceded by 'W/'

----------------------------------
HTTP/1.1 101 Switching Protocols
Upgrade: h2c
Connection: Upgrade

HTTP/2 200 
date: Sun, 00 Jan 1900 00:00:00 GMT   <-----
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Mon, 03 Apr 2017 19:10:31 GMT
etag: W/"38a-54c47e9be9bda"
accept-ranges: bytes
content-length: 906
content-type: text/html
------------------------------------

Following taken with mod_http2 commented out and "H2Direct on" directive in 
all virtual hosts commented out (O/W it is a syntax error).   Note that the 
date is correct.
------------------------------------
HTTP/1.1 200 OK
Date: Sun, 09 Apr 2017 17:35:03 GMT   <----
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 03 Apr 2017 19:10:31 GMT
ETag: "38a-54c47e9be9bda"
Accept-Ranges: bytes
Content-Length: 906
Content-Type: text/html
---------------------------------------

Now I uncomment mod_http2, "H2Direct on" and "H2SerializeHeaders on"  Note 
that the date is now correct again.

------------------------------------------
HTTP/1.1 101 Switching Protocols
Upgrade: h2c
Connection: Upgrade

HTTP/2 200 
date: Sun, 09 Apr 2017 17:42:49 GMT  <----
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Mon, 03 Apr 2017 19:10:31 GMT
etag: "38a-54c47e9be9bda"
accept-ranges: bytes
content-length: 906
content-type: text/html
----------------------------------------

Hope that helps!

John
========================================
On Saturday 08 April 2017 03:37:25 Stefan Eissing wrote:
> Hmm, interesting. I left H2SerializeHeaders in just for the case someone
> runs into incompatibilities with the standard mod_http2 method. I almost
> was about to rip it our since, until now, no one reported any
> differences.
> 
> I'd like to understand what is going on in your system and causing this
> difference. I would guess that some module inserts a filter into request
> processing that mod_http2 has trouble working with.
> 
> For example, where is that X-Frame-Options coming from? Do you
> have just "standard" modules enabled? Would you mind reducing your
> config for a vhost to the minimal set that still causes the problems and
> share that?
> 
> Thanks!
> 
> -Stefan
> 
> > Am 07.04.2017 um 17:28 schrieb John Iliffe <john.iliffe@iliffe.ca>:
> > 
> > On Friday 07 April 2017 03:53:55 Konstantin Kolinko wrote:
> >> 2017-04-07 7:19 GMT+03:00 John Iliffe <john.iliffe@iliffe.ca>:
> >>> I just enabled http2 on our server and tested using curl.  The test
> >>> page is a static html page with nothing but some random characters
> >>> on it, and no css or other secondary accesses.
> >>> 
> >>> The protocol line is set to allow http2
> >>> Protocols h2 h2c http/1.1
> >>> 
> >>> Everything seems to work with the exception of the date.  The first
> >>> file following is the result of a curl head request BEFORE
> >>> activating mod_http2 and the second one is after doing so.  No
> >>> other change to the httpd.conf file.
> >>> 
> >>> ---------------------without http2 being
> >>> available---------------------- curl --http2 -I
> >>> http://192.168.1.6:/yrarc/yrex0001.html
> >>> HTTP/1.1 200 OK
> >>> Date: Fri, 07 Apr 2017 03:42:12 GMT    <-----
> >>> Server: Apache
> >>> X-Frame-Options: SAMEORIGIN
> >>> Last-Modified: Sun, 26 Mar 2017 03:12:45 GMT
> >>> ETag: "c14-54b9999bf581b"
> >>> Accept-Ranges: bytes
> >>> Content-Length: 3092
> >>> Content-Type: text/html
> >>> 
> >>> 
> >>> -------------------with mod_http2
> >>> enabled------------------------------ curl --http2 -I
> >>> http://192.168.1.6:/yrarc/yrex0001.html
> >>> HTTP/1.1 101 Switching Protocols
> >>> Upgrade: h2c
> >>> Connection: Upgrade
> >>> 
> >>> HTTP/2 200
> >>> date: Sun, 00 Jan 1900 00:00:00 GMT   <-----
> >>> server: Apache
> >>> x-frame-options: SAMEORIGIN
> >>> last-modified: Sun, 26 Mar 2017 03:12:45 GMT
> >>> etag: W/"c14-54b9999bf581b"
> >>> accept-ranges: bytes
> >>> content-length: 3092
> >>> content-type: text/html
> >>> 
> >>> Does anyone know why the date (arrowed) should be wrong and if it
> >>> would make any difference in the server operation?  Or maybe what am
> >>> I missing?
> >> 
> >> 1. What is exact version of your server?
> > 
> > apache-2.4.25 compiled from source running on Fedora 25
> > 
> >> 2. If you say that "No other change to the httpd.conf file", what
> >> caused the difference in ETag value?
> > 
> > Don't know, the "W/" bit occurs only when the http2 protocol is
> > active.
> > 
> > The only change I made was to uncomment the line:
> > 
> > LoadModule http2_module modules/mod_http2.so
> > 
> > the Protocol line was already present, but as noted in the docs
> > ignores protocols that are not available.
> > 
> >> 3. Overall, this is strange.
> >> If you do an HTTP/1.1 request (using curl without "--http2" flag),
> >> does it respond with a correct Date header?
> > 
> > Yes.
> > 
> > curl -I http://192.168.1.6:/yrarc/yrex0001.html
> > HTTP/1.1 200 OK
> > Date: Fri, 07 Apr 2017 15:07:47 GMT      <--------
> > Server: Apache
> > X-Frame-Options: SAMEORIGIN
> > Upgrade: h2,h2c
> > Connection: Upgrade
> > Last-Modified: Sun, 26 Mar 2017 03:12:45 GMT
> > ETag: "c14-54b9999bf581b"
> > Accept-Ranges: bytes
> > Content-Length: 3092
> > Content-Type: text/html
> > 
> >> 4. I wonder, whether the behaviour is affected by H2SerializeHeaders
> >> directive.
> >> http://httpd.apache.org/docs/2.4/mod/mod_http2.html#h2serializeheader
> >> s
> > 
> > Bingo!
> > 
> > The H2SerializeHeaders directive is not present so it is taking the
> > default of off.  I added it with the following result:
> > 
> > curl --http2 -I http://192.168.1.6:/yrarc/yrex0001.html
> > HTTP/1.1 101 Switching Protocols
> > Upgrade: h2c
> > Connection: Upgrade
> > 
> > HTTP/2 200
> > date: Fri, 07 Apr 2017 15:16:38 GMT   <------
> > server: Apache
> > x-frame-options: SAMEORIGIN
> > last-modified: Sun, 26 Mar 2017 03:12:45 GMT
> > etag: "c14-54b9999bf581b"
> > accept-ranges: bytes
> > content-length: 3092
> > content-type: text/html
> > 
> > 
> > So, what is this dated used for and does an incorrect date affect
> > anything? The docs sort of imply that it should be off unless
> > something breaks.
> > 
> >> Best regards,
> >> Konstantin Kolinko
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message