Bug #1351
closedlighttpd returns "400 Bad Request" for Nokia web browser request
Description
We are running http://m.nokaut.pl/ mobile price comparison website on lighttpd 1.5-svn.
Everything works OK with popular browsers, Opera Mobile and some built-in mobile browsers (eg. Motorola, Samsung), but there is a MAJOR problem with all the requests from Nokia built-in web browser. All such requests receive "HTTP/1.1 400 Bad Request" error. I guess that it is caused by some not-standard HTTP headers.
Here is the full connection log (sniffed by ettercap):
-- michal.jaskolski
Updated by Anonymous over 17 years ago
From what I can see, the problem is that your browser sends a Content-Length header during a GET request. (GET requests cannot contain a message-body; according to RFC2068 the Content-Length header signals that a message-body follows)
Lines 542-545 of request.c:
case HTTP_METHOD_GET: case HTTP_METHOD_HEAD: /* content-length is forbidden for those */ if (con->request.content_length != -1) {
I guess you could change it to something like this, to be more lenient.
if (con->request.content_length <= 0) {
Updated by Anonymous over 17 years ago
(That should be a > instead of a <=, sorry)
Updated by Anonymous over 17 years ago
After changing that line, everything works well. We will contact Nokia and ask them to change their software to be RFC-compatible, but I think that the patch above should be included in main lighttpd source.
-- michal.jaskolski
Updated by Anonymous about 17 years ago
The same RFC incompatibility exists with the popular PHP SOAP library, nuSOAP. Here is a fix if anyone finds this page while trying to figure out the 400 errors with nuSOAP, like me :)
-- raj
Updated by Anonymous about 16 years ago
Well the above solution is inappropriate better would be something like this solution below. Some HTTP client libraries send a content-length = 0 which is somehow in line with the RFC. Its just a question of the interpretation. Apache deals with it in the same way.
if (con->request.content_length != 1 && con->request.content_length != 0) {
-- thomas.nicolai
Updated by Anonymous about 16 years ago
Sorry thats the right one
if (con->request.content_length != 1 && con>request.content_length != 0) {
Replying to thomas.nicolai@…:
Well the above solution is inappropriate better would be something like this solution below. Some HTTP client libraries send a content-length = 0 which is somehow in line with the RFC. Its just a question of the interpretation. Apache deals with it in the same way.
{{{
if (con->request.content_length != 1 && con->request.content_length != 0) {
}}}
Updated by stbuehler over 14 years ago
- Status changed from New to Duplicate
- Assignee deleted (
jan) - Priority changed from High to Normal
- Target version deleted (
1.5.0) - Missing in 1.5.x set to No
Also available in: Atom