Duplicate Content-Length header with same value, recent change in behavior intentional?

Maxim Dounin mdounin at mdounin.ru
Wed Apr 19 18:52:21 UTC 2023


On Wed, Apr 19, 2023 at 08:57:28AM -0400, Jesse Stimpson via nginx wrote:

> I've noticed a recent change in behavior that occurred between releases
> 1.22.1 and 1.23.4, and I'm unable to find this particular change documented.
> If an upstream proxy sends a response with duplicate Content-Length
> headers, both of the same value, nginx 1.22.1 allows the response to be
> sent to the client, removing the duplicate. However, nginx 1.23.4 (and
> 1.24.0) responds to the client with a 502. I did not explicitly test with
> any other versions.
> I won't try to make any claims on the correctness of either behavior, but
> it is a change that may affect some workloads.


> Is this change intentional? Did I overlook it in the Changelog?

Yes, it is.  It is part of a large work to implement proper 
handling of multiple header lines with the same name, as done in 
nginx 1.23.0.  The particular commit is:


The particular modification isn't in the change log as the 
upstream response in question is obviously invalid and should 
never be accepted in the first place, and the change is more or 
less a minor cleanup work.

Maxim Dounin

More information about the nginx mailing list