Duplicate Content-Length header with same value, recent change in behavior intentional?
mdounin at mdounin.ru
Wed Apr 19 18:52:21 UTC 2023
On Wed, Apr 19, 2023 at 08:57:28AM -0400, Jesse Stimpson via nginx wrote:
> I've noticed a recent change in behavior that occurred between releases
> 1.22.1 and 1.23.4, and I'm unable to find this particular change documented.
> If an upstream proxy sends a response with duplicate Content-Length
> headers, both of the same value, nginx 1.22.1 allows the response to be
> sent to the client, removing the duplicate. However, nginx 1.23.4 (and
> 1.24.0) responds to the client with a 502. I did not explicitly test with
> any other versions.
> I won't try to make any claims on the correctness of either behavior, but
> it is a change that may affect some workloads.
> Is this change intentional? Did I overlook it in the Changelog?
Yes, it is. It is part of a large work to implement proper
handling of multiple header lines with the same name, as done in
nginx 1.23.0. The particular commit is:
The particular modification isn't in the change log as the
upstream response in question is obviously invalid and should
never be accepted in the first place, and the change is more or
less a minor cleanup work.
More information about the nginx