Custom page for 400 (Bad Request)

Igor Sysoev igor at sysoev.ru
Wed Dec 15 01:39:20 MSK 2010 

On Wed, Dec 15, 2010 at 01:35:17AM +0300, Igor Sysoev wrote:

> On Tue, Dec 14, 2010 at 12:33:02PM -0500, Denis wrote:
> 
> > [quote]
> > This should be added to default server, as error 400 is generated
> > before any server_name matching occurs.
> > [/quote]
> > 
> > Yep, I added it to the default server. At least, it's listening as
> > [code]
> > listen       80 default;
> > [/code]
> > 
> > [quote]
> > Note that you may also bump client_header_buffer_size /
> > large_client_header_buffers if you want cookies in question to be
> > actually accepted and processed (this should be done in default
> > server, too, or at http level).
> > [/quote]
> > That's exactly what I'm bumping. Sorry, I should have made it more clear
> > in my first post. I don't want to make my large_client_header_buffer 1
> > megabyte and I need some kind of way to fall back gracefully when a
> > client appears with 1Mbyte cookie. Like show him a page saying "your
> > cookie is too large, please delete it" or delete it in javascript.
> > But the problem is, I either get that hardcoded simple page or get http
> > response with no response body at all.
> > [code]
> > $ curl http://foobar.com/ -b hugecookies.jar
> > HTTP/1.1 400 Bad Request
> > Server: nginx
> > Date: Tue, 14 Dec 2010 17:29:07 GMT
> > Content-Type: text/html; charset=EUC-JP
> > Content-Length: 237
> > Connection: close
> > 
> > curl: (55) Send failure: Connection reset by peer
> > $
> > [/code]
> 
> The attached patch allows HTTP lingering close for 400 responses.
> However, it will not be included in next releases: I'm going to
> introduce a special code, say 490, for long HTTP header lines as
> it's already done for SSL errors (495, 496, and 497). Then you can
> set expliclty
> 
>     error_page  490  =200 /large_cookie.html;

Forgot the patch.


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http_request.c
===================================================================
--- src/http/ngx_http_request.c	(revision 3163)
+++ src/http/ngx_http_request.c	(working copy)
@@ -992,6 +992,8 @@
                         p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
                     }
 
+                    r->lingering_close = 1;
+
                     ngx_log_error(NGX_LOG_INFO, c->log, 0,
                                   "client sent too long header line: \"%*s\"",
                                   len, r->header_name_start);
Index: src/http/ngx_http_special_response.c
===================================================================
--- src/http/ngx_http_special_response.c	(revision 3163)
+++ src/http/ngx_http_special_response.c	(working copy)
@@ -366,7 +366,6 @@
 
     if (r->lingering_close == 1) {
         switch (error) {
-            case NGX_HTTP_BAD_REQUEST:
             case NGX_HTTP_TO_HTTPS:
             case NGX_HTTPS_CERT_ERROR:
             case NGX_HTTPS_NO_CERT:

More information about the nginx mailing list