Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-40693

badMessage: 400 Bad Host header for HttpChannelOverHttp

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Behind a reverse proxy a requests may fail with this error

      WARNING	o.e.jetty.util.log.JavaUtilLog#warn: badMessage: 400 Bad Host header for HttpChannelOverHttp@123456{r=0,c=false,a=IDLE,uri=/foo/bar/}
      

      In Jenkins 2.0 Jetty was upgraded from 8.1 to 9.2 which removes AJP functionality, and also requires that if the HOST: field is used it can not be empty.

      KO:

      GET /foo/bar HTTP/1.1\r\nHOST: \r\nConnection: Close\r\n\r\n
      

      OK:

      GET /foo/bar HTTP/1.1\r\nHOST:null \r\nConnection: Close\r\n\r\n
      

      Current winstone version includes Jetty server 9.2.15.v20160210.

      The fix is in 9.3.... See:
      https://github.com/eclipse/jetty.project/issues/592. https://github.com/eclipse/jetty.project/commit/7e16731b9dac0d5b6ae5424a13c83fd4ef46dc4f

      The Jetty version embedded in winstone must be upgraded to have a fix
      The workaround is to take care to never send an empty HOST

        Attachments

          Issue Links

            Activity

            aheritier Arnaud Héritier created issue -
            oleg_nenashev Oleg Nenashev made changes -
            Field Original Value New Value
            Component/s core [ 15593 ]
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            From what I see it's rather a regression than a new feature request

            Show
            oleg_nenashev Oleg Nenashev added a comment - From what I see it's rather a regression than a new feature request
            oleg_nenashev Oleg Nenashev made changes -
            Issue Type New Feature [ 2 ] Bug [ 1 ]
            oleg_nenashev Oleg Nenashev made changes -
            Labels regression
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I was recently digging into Jetty project as a part of the research for a non-Jenkins Java server.

            We cannot easily upgrade to Jetty 9.3 because it EOLs the support of Java 7. If this issue really requires a fix ASAP, we need a temporary custom fork till Java 7 gets dropped in Jenkins.

            Show
            oleg_nenashev Oleg Nenashev added a comment - I was recently digging into Jetty project as a part of the research for a non-Jenkins Java server. We cannot easily upgrade to Jetty 9.3 because it EOLs the support of Java 7. If this issue really requires a fix ASAP, we need a temporary custom fork till Java 7 gets dropped in Jenkins.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Alternative approach: Contribute backport to Jetty 9.2.x branch, which still seems to be alive: https://github.com/eclipse/jetty.project/blob/jetty-9.2.x/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java#L832-L838 . I am not sure they will accept it

            Show
            oleg_nenashev Oleg Nenashev added a comment - Alternative approach: Contribute backport to Jetty 9.2.x branch, which still seems to be alive: https://github.com/eclipse/jetty.project/blob/jetty-9.2.x/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java#L832-L838 . I am not sure they will accept it
            Hide
            aheritier Arnaud Héritier added a comment -

            Maybe Olivier Lamy could have some feedback ?

            Show
            aheritier Arnaud Héritier added a comment - Maybe Olivier Lamy could have some feedback ?
            Hide
            danielbeck Daniel Beck added a comment -

            Why is this "Major" when the workaround is obviously to set the Host header? What am I missing here?

            Show
            danielbeck Daniel Beck added a comment - Why is this "Major" when the workaround is obviously to set the Host header? What am I missing here?
            Hide
            aheritier Arnaud Héritier added a comment -

            I had a doubt but we have nothing between Minor and Major
            The workaround is easy to apply but you need to find this issue (I hope it is correctly described/indexed to be found when required) and it a regression when you upgrade from 1.x to 2.x

            Show
            aheritier Arnaud Héritier added a comment - I had a doubt but we have nothing between Minor and Major The workaround is easy to apply but you need to find this issue (I hope it is correctly described/indexed to be found when required) and it a regression when you upgrade from 1.x to 2.x
            aheritier Arnaud Héritier made changes -
            Priority Major [ 3 ] Minor [ 4 ]
            Hide
            olamy Olivier Lamy added a comment - - edited

            Sorry for delay I was a bit busy those last days. I'm having a look. Shouldn't be a drama to backport this fix. We will let you know.

            Show
            olamy Olivier Lamy added a comment - - edited Sorry for delay I was a bit busy those last days. I'm having a look. Shouldn't be a drama to backport this fix. We will let you know.
            Hide
            olamy Olivier Lamy added a comment -

            fix backported to jetty-9.2.x branch.
            9.2.21-SNAPSHOT deployed to https://oss.sonatype.org/content/repositories/jetty-snapshots
            let me know how it works with the fix.

            Show
            olamy Olivier Lamy added a comment - fix backported to jetty-9.2.x branch. 9.2.21-SNAPSHOT deployed to https://oss.sonatype.org/content/repositories/jetty-snapshots let me know how it works with the fix.
            Hide
            aheritier Arnaud Héritier added a comment -

            Olivier Lamy I reached my teams to see how we can validate the fix

            Show
            aheritier Arnaud Héritier added a comment - Olivier Lamy I reached my teams to see how we can validate the fix
            oleg_nenashev Oleg Nenashev made changes -
            Assignee Arnaud Héritier [ aheritier ]
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Assigned the issue to Arnaud Héritier

            Show
            oleg_nenashev Oleg Nenashev added a comment - Assigned the issue to Arnaud Héritier
            Show
            olamy Olivier Lamy added a comment - pr https://github.com/jenkinsci/winstone/pull/32
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Olivier Lamy Is this issue bad enough to consider backporting to 2.46.3? If no, maybe we should upgrade Weekly directly to 9.3.latest

            Show
            oleg_nenashev Oleg Nenashev added a comment - Olivier Lamy Is this issue bad enough to consider backporting to 2.46.3? If no, maybe we should upgrade Weekly directly to 9.3.latest
            Hide
            danielbeck Daniel Beck added a comment -

            Not worth it IMO.

            Show
            danielbeck Daniel Beck added a comment - Not worth it IMO.
            Hide
            olamy Olivier Lamy added a comment -

            agree. 9.3 latest is better  ( Java 8 mandatory)

             

            Show
            olamy Olivier Lamy added a comment - agree. 9.3 latest is better  ( Java 8 mandatory)  
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Olivier Lamy
            Path:
            README.md
            pom.xml
            src/java/winstone/HostConfiguration.java
            src/java/winstone/HttpsConnectorFactory.java
            src/java/winstone/LocalStrings.properties
            src/java/winstone/cmdline/Option.java
            src/java/winstone/realm/ArgumentsRealm.java
            src/java/winstone/realm/FileRealm.java
            src/testwebapp/WEB-INF/web.xml
            http://jenkins-ci.org/commit/winstone/16a1f190035a9ac32c62b9736c30808cfa5ff63d
            Log:
            Merge pull request #32 from olamy/features/jetty_9.2.21.v20170120

            [JENKINS-40693, JENKINS-43713] upgrade to jetty 9.4.x

            Compare: https://github.com/jenkinsci/winstone/compare/59d84ed22913...16a1f190035a

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Olivier Lamy Path: README.md pom.xml src/java/winstone/HostConfiguration.java src/java/winstone/HttpsConnectorFactory.java src/java/winstone/LocalStrings.properties src/java/winstone/cmdline/Option.java src/java/winstone/realm/ArgumentsRealm.java src/java/winstone/realm/FileRealm.java src/testwebapp/WEB-INF/web.xml http://jenkins-ci.org/commit/winstone/16a1f190035a9ac32c62b9736c30808cfa5ff63d Log: Merge pull request #32 from olamy/features/jetty_9.2.21.v20170120 [JENKINS-40693, JENKINS-43713] upgrade to jetty 9.4.x Compare: https://github.com/jenkinsci/winstone/compare/59d84ed22913...16a1f190035a
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Oleg Nenashev
            Path:
            CHANGELOG.md
            http://jenkins-ci.org/commit/winstone/05adc4a50eeca136b3d1ed28b3e3149dc4b817f9
            Log:
            Changelog: Mention JENKINS-40693 in 4.0

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: CHANGELOG.md http://jenkins-ci.org/commit/winstone/05adc4a50eeca136b3d1ed28b3e3149dc4b817f9 Log: Changelog: Mention JENKINS-40693 in 4.0
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            The issue has been fixed in Winstone 4.0 and integrated into Jenkins 2.61

            It is not an LTS candidate for 2.60.x LTS

            Show
            oleg_nenashev Oleg Nenashev added a comment - The issue has been fixed in Winstone 4.0 and integrated into Jenkins 2.61 It is not an LTS candidate for 2.60.x LTS
            oleg_nenashev Oleg Nenashev made changes -
            Labels regression 2.60.1-rejected 2.60.2-rejected 2.60.3-rejected regression
            oleg_nenashev Oleg Nenashev made changes -
            Status Open [ 1 ] Resolved [ 5 ]
            Resolution Fixed [ 1 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Oleg Nenashev
            Path:
            content/_data/changelogs/weekly.yml
            http://jenkins-ci.org/commit/jenkins.io/bd7e8598e4b85d84286ded5f2e6d71d08d8531ee
            Log:
            Add missing changelog entries for JENKINS-23273 and JENKINS-40693

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: content/_data/changelogs/weekly.yml http://jenkins-ci.org/commit/jenkins.io/bd7e8598e4b85d84286ded5f2e6d71d08d8531ee Log: Add missing changelog entries for JENKINS-23273 and JENKINS-40693
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Daniel Beck
            Path:
            content/_data/changelogs/weekly.yml
            http://jenkins-ci.org/commit/jenkins.io/d6c1369d8ebcdff4a9f126097ecc6a7c30ea1d86
            Log:
            Merge pull request #921 from oleg-nenashev/changelog/missing-entries

            Add missing changelog entries for JENKINS-23273 and JENKINS-40693

            Compare: https://github.com/jenkins-infra/jenkins.io/compare/14212ab18dfd...d6c1369d8ebc

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: content/_data/changelogs/weekly.yml http://jenkins-ci.org/commit/jenkins.io/d6c1369d8ebcdff4a9f126097ecc6a7c30ea1d86 Log: Merge pull request #921 from oleg-nenashev/changelog/missing-entries Add missing changelog entries for JENKINS-23273 and JENKINS-40693 Compare: https://github.com/jenkins-infra/jenkins.io/compare/14212ab18dfd...d6c1369d8ebc
            cloudbees CloudBees Inc. made changes -
            Remote Link This issue links to "CloudBees Internal OSS-1776 (Web Link)" [ 18580 ]

              People

              • Assignee:
                aheritier Arnaud Héritier
                Reporter:
                aheritier Arnaud Héritier
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: