Welcome! Log In Create A New Profile

Advanced

Re: 100-continue and 401

Luka Perkov
March 20, 2013 05:12AM
Hi Nick,

On Tue, Mar 19, 2013 at 05:09:38PM +0000, Nick Kew wrote:
> On 19 Mar 2013, at 12:31, Luka Perkov wrote:
> > I'm using nginx as a frontend for my SCGI application and I want to
> > $ curl -v -X POST -d "@/path/to/some/blob" http://127.0.0.1:8000/
> > * About to connect() to 127.0.0.1 port 8000 (#0)
> > * Trying 127.0.0.1...
> > * Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
> >> POST / HTTP/1.1
> >> User-Agent: curl/7.29.0
> >> Host: 127.0.0.1:8000
> >> Accept: */*
> >> Content-Length: 3398
> >> Content-Type: application/x-www-form-urlencoded
> >> Expect: 100-continue
>
> That's OK.
> >>
> > < HTTP/1.1 100 Continue
> > < HTTP/1.1 401 Unauthorized
>
> That's not OK. It would need at least a blank line between
> those two to make an intermediate and a final response
> (without that it's broken).

If I add blank line before sending "401 Unauthorized" I end up with
this:

$ curl -v -X POST -d "@/path/to/some/blob" http://127.0.0.1:8000/
* About to connect() to 127.0.0.1 port 8000 (#0)
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
> POST / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 127.0.0.1:8000
> Accept: */*
> Cookie: queue=bla
> Content-Length: 3398
> Content-Type: application/x-www-form-urlencoded
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
< HTTP/1.1 200 OK
< Server: nginx/1.3.14
< Date: Wed, 20 Mar 2013 09:05:18 GMT
< Transfer-Encoding: chunked
< Connection: keep-alive
<
Status: 401 Unauthorized
WWW-Authenticate: Basic realm="freeacs-ng"

And that is not what I want ;)

> The server should also wait for the payload it's just invited,
> but perhaps the client didn't wait before sending it?

Well, as far as I understand nginx can send SCGI request only after it
got the entire post body. And in order to get the post body it needs to
send "100 Continue"...

> > < WWW-Authenticate: Basic realm="bla-bla-bla"
>
> That's OK so long as it sends the (chunked) response promised.
>
> > * HTTP error before end of send, stop sending
> > <
> > * Closing connection 0
>
> … but the client thinks it didn't. Whoops!

I can make tcpdump captures if that would help...

> How much of those responses are being generated by your app?
> I'd expect the server to take care of protocol issues like the
> intermediate response and chunked encoding - unless your app
> disables it!

I would like that my SCGI daemon is in charge of user authorization
which will be performed based on HTTP authorization header.

Is that possible? And if yes what response should the SCGI daemon send?

Luka

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

100-continue and 401

Luka Perkov 4229 March 19, 2013 08:28AM

Re: 100-continue and 401

Vladimir Shebordaev 1964 March 19, 2013 11:38AM

Re: 100-continue and 401

Luka Perkov 1181 March 20, 2013 04:40AM

Re: 100-continue and 401

Dmitry Petrov 1414 March 20, 2013 05:14AM

Re: 100-continue and 401

Nick Kew 1389 March 19, 2013 01:12PM

Re: 100-continue and 401

Luka Perkov 1180 March 20, 2013 05:12AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 212
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready