|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2020-05-01 00:59 UTC] requinix@php.net
-Summary: PHP-FPM sends wrong headers to the web server
+Summary: PHP-FPM sends invalid headers '0\xd5e\xc8' to the web
server
[2020-05-01 00:59 UTC] requinix@php.net
[2020-05-01 01:35 UTC] morozov at tut dot by
[2020-05-01 01:44 UTC] requinix@php.net
[2020-05-01 03:54 UTC] morozov at tut dot by
[2020-05-01 04:20 UTC] requinix@php.net
-Status: Open
+Status: Verified
[2020-05-01 04:20 UTC] requinix@php.net
[2020-05-01 05:41 UTC] morozov at tut dot by
[2020-05-01 20:08 UTC] morozov at tut dot by
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Sat Dec 21 17:01:58 2024 UTC |
Description: ------------ Under certain circumstances which I cannot currently isolate, PHP-FPM responds to the webserver (Apache) with certain invalid headers that result in a 500 response from apache. The issue is only reproducible in a proprietary application. There are certain criteria I was able to identify which make the issue trigger. If I remove any of them, the issue goes away: 1. Opcache enabled. 2. header('Expires:'); header('Pragma:'); // note the absence of the value which is probably invalid. Sometimes the issue is also reproducible even w/o invalid headers 3. Response length. With all other parameters the same, a "[]" json response doesn't cause the issue but a valid 180-bytes response does. 4. Some seemingly unrelated function calls like file_get_contents(). Actual result: -------------- Apache response: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>500 Internal Server Error</title> </head><body> <h1>Internal Server Error</h1> <p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p> <p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p> <p>More information about this error may be available in the server error log.</p> <p>Additionally, a 304 Not Modified error was encountered while trying to use an ErrorDocument to handle the request.</p> <hr> <address>Apache/2.4.41 (Ubuntu) Server at sugarcrm.local Port 80</address> </body></html> Apache logs: [Thu Apr 30 14:57:39.470700 2020] [http:error] [pid 73344:tid 140477684762368] [client 127.0.0.1:35104] AH02429: Response header name '0\xd5e\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 14:57:39.725176 2020] [http:error] [pid 73311:tid 140478498461440] [client 127.0.0.1:35016] AH02429: Response header name '\x90\x84f\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 15:06:12.065188 2020] [http:error] [pid 73344:tid 140478162917120] [client 127.0.0.1:39432] AH02429: Response header name '0\x85f\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 15:14:17.448112 2020] [http:error] [pid 73344:tid 140478869321472] [client 127.0.0.1:43298] AH02429: Response header name 'p\x84f\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 15:43:12.482083 2020] [http:error] [pid 73344:tid 140478877714176] [client 127.0.0.1:57656] AH02429: Response header name '@\x84f\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 15:50:02.294075 2020] [http:error] [pid 73311:tid 140478246811392] [client 127.0.0.1:60500] AH02429: Response header name 'P\x84f\xc8' contains invalid characters, aborting request, referer: ... [Thu Apr 30 15:50:05.837520 2020] [http:error] [pid 73311:tid 140478230025984] [client 127.0.0.1:33090] AH02429: Response header name ' \x84f\xc8' contains invalid characters, aborting request, referer: ...