handling x_forwarded_proto with Nginx as backend to HAproxy
Francis Daly
francis at daoine.org
Tue Apr 16 08:12:40 UTC 2013
On Tue, Apr 16, 2013 at 02:06:30AM +0400, Maxim Dounin wrote:
> On Mon, Apr 15, 2013 at 10:42:30PM +0100, Francis Daly wrote:
> > On Mon, Apr 15, 2013 at 05:35:27PM -0400, jaychris wrote:
Hi there,
> > > client sent invalid header line: "X_FORWARDED_PROTO: http" while reading
> > > client request headers,
> >
> > "_" is not a valid character in a http header.
> Strictly speaking, "_" isn't invalid, but it's not something nginx
> allows by default due to security problems it might create - as
> it's indistinguishable from "-" in CGI-like headers
> representation.
Oh, thanks for the correction. I learn something new every day.
(RFC 2616 and its definition of "token", which allows 78 characters,
if I count right. I don't know if there's a beyond-ASCII update to extend
that, but it shouldn't restrict it further.)
Cheers,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list