This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

Applications Quirks

The following HTTP protocol back-end applications or front-end user agents are known to be incompatible with Apache HTTP Server's protocol implementation of HTTP/1.1 or h2, in many cases the configuration option <code>HttpProtocolOptions Unsafe</code> will work around these defective applications, at a cost of enabling malicious cache poisoning behavior for all content on the configured server.

Until neatly formatted, it is simply a list of the bug reports. Editorial assistance is welcome;

Trailing whitespace after HTTP/1.1 token in HTTP request line;
https://unix.stackexchange.com/questions/340013/why-am-i-getting-400-bad-request

Invalid whitespace in X-RHN-Auth-User-Id header of RedHat Satellite 5/Spacewalk prior to version 2.7;
https://access.redhat.com/articles/3013361
https://bugzilla.redhat.com/show_bug.cgi?id=1442477

JBoss mod_cluster invalid IPv6 Host: header addressing (Missing square bracket delimiters);
https://issues.jboss.org/browse/JBCS-345?_sscc=t

Multiple examples, principally on Windows - underscore within Host: header server names not permitted (example);
https://alvinbunk.wordpress.com/2017/08/16/client-sent-http1-1-request-without-hostname/

  • No labels