Fwd: HTTP/2: Missing location header on 301 redirects

Valentin V. Bartenev vbart at nginx.com
Wed Aug 12 17:24:33 UTC 2015


On Wednesday 12 August 2015 10:53:20 Joe Shaw wrote:
> Hi,
> 
> I've been taking the alpha HTTP/2 support for a spin, and noticed that 301
> redirects are missing the Location response header.  Thus, browsers don't
> redirect and just show an HTML page instead.
> 
> Here's the output of nginx -V:
> 
> nginx version: nginx/1.9.3
> built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04)
> built with OpenSSL 1.0.2d 9 Jul 2015
> TLS SNI support enabled
> configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx
> --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log
> --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
> --lock-path=/var/run/nginx.lock
> --http-client-body-temp-path=/var/cache/nginx/client_temp
> --http-proxy-temp-path=/var/cache/nginx/proxy_temp
> --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
> --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
> --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx
> --with-http_ssl_module --with-http_realip_module
> --with-http_addition_module --with-http_sub_module --with-http_dav_module
> --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module
> --with-http_gzip_static_module --with-http_random_index_module
> --with-http_secure_link_module --with-http_stub_status_module
> --with-http_auth_request_module --with-threads --with-stream
> --with-stream_ssl_module --with-mail --with-mail_ssl_module --with-file-aio
> --with-http_v2_module --with-cc-opt='-g -O2 -fstack-protector
> --param=ssp-buffer-size=4 -Wformat -Werror=format-security'
> --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --with-ipv6
> 
> I'm testing using the URL https://joeshaw.org/about (which redirects to
> /about/).
> 
> Here's the output of a HTTP/1.1 request from curl:
> 
> < HTTP/1.1 301 Moved Permanently
> * Server nginx is not blacklisted
> < Server: nginx
> < Date: Wed, 12 Aug 2015 14:43:41 GMT
> < Content-Type: text/html
> < Content-Length: 178
> < Location: https://joeshaw.org/about/
> < Connection: keep-alive
> < Strict-Transport-Security: max-age=15768000; preload
> < Public-Key-Pins:
> pin-sha256="aBBtZy0hiXFCr7RV/RqoJoTCMHEhrwtB6IfgSPCY2sA=";
> pin-sha256="d6qzvu9zOKCb90Uez27xWltNsj0e1Md7GkYYkVoZwmm="; max-age=86400
> < X-Frame-Options: DENY
> 
> Here's the HTTP/2 output from h2i (
> https://github.com/bradfitz/http2/tree/master/h2i):
> 
> [FrameHeader HEADERS flags=END_HEADERS stream=1 len=284]
>   :status = "301"
>   server = "nginx"
>   date = "Wed, 12 Aug 2015 14:44:31 GMT"
>   content-type = "text/html"
>   content-length = "178"
>   strict-transport-security = "max-age=15768000; preload"
>   public-key-pins =
> "pin-sha256=\"aBBtZy0hiXFCr7RV/RqoJoTCMHEhrwtB6IfgSPCY2sA=\";
> pin-sha256=\"d6qzvu9zOKCb90Uez27xWltNsj0e1Md7GkYYkVoZwmm=\"; max-age=86400"
>   x-frame-options = "DENY"
> 
> I hope this is helpful.
> 


We are unable to reproduce the problem with a simple configuration.
Could you provide your config?

  wbr, Valentin V. Bartenev



More information about the nginx-devel mailing list