Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-40693

badMessage: 400 Bad Host header for HttpChannelOverHttp

      Behind a reverse proxy a requests may fail with this error

      WARNING	o.e.jetty.util.log.JavaUtilLog#warn: badMessage: 400 Bad Host header for HttpChannelOverHttp@123456{r=0,c=false,a=IDLE,uri=/foo/bar/}
      

      In Jenkins 2.0 Jetty was upgraded from 8.1 to 9.2 which removes AJP functionality, and also requires that if the HOST: field is used it can not be empty.

      KO:

      GET /foo/bar HTTP/1.1\r\nHOST: \r\nConnection: Close\r\n\r\n
      

      OK:

      GET /foo/bar HTTP/1.1\r\nHOST:null \r\nConnection: Close\r\n\r\n
      

      Current winstone version includes Jetty server 9.2.15.v20160210.

      The fix is in 9.3.... See:
      https://github.com/eclipse/jetty.project/issues/592. https://github.com/eclipse/jetty.project/commit/7e16731b9dac0d5b6ae5424a13c83fd4ef46dc4f

      The Jetty version embedded in winstone must be upgraded to have a fix
      The workaround is to take care to never send an empty HOST

          [JENKINS-40693] badMessage: 400 Bad Host header for HttpChannelOverHttp

          Oleg Nenashev added a comment -

          Assigned the issue to aheritier

          Oleg Nenashev added a comment - Assigned the issue to aheritier

          Olivier Lamy added a comment -

          Olivier Lamy added a comment - pr https://github.com/jenkinsci/winstone/pull/32

          Oleg Nenashev added a comment -

          olamy Is this issue bad enough to consider backporting to 2.46.3? If no, maybe we should upgrade Weekly directly to 9.3.latest

          Oleg Nenashev added a comment - olamy Is this issue bad enough to consider backporting to 2.46.3? If no, maybe we should upgrade Weekly directly to 9.3.latest

          Daniel Beck added a comment -

          Not worth it IMO.

          Daniel Beck added a comment - Not worth it IMO.

          Olivier Lamy added a comment -

          agree. 9.3 latest is better  ( Java 8 mandatory)

           

          Olivier Lamy added a comment - agree. 9.3 latest is better  ( Java 8 mandatory)  

          Code changed in jenkins
          User: Olivier Lamy
          Path:
          README.md
          pom.xml
          src/java/winstone/HostConfiguration.java
          src/java/winstone/HttpsConnectorFactory.java
          src/java/winstone/LocalStrings.properties
          src/java/winstone/cmdline/Option.java
          src/java/winstone/realm/ArgumentsRealm.java
          src/java/winstone/realm/FileRealm.java
          src/testwebapp/WEB-INF/web.xml
          http://jenkins-ci.org/commit/winstone/16a1f190035a9ac32c62b9736c30808cfa5ff63d
          Log:
          Merge pull request #32 from olamy/features/jetty_9.2.21.v20170120

          [JENKINS-40693, JENKINS-43713] upgrade to jetty 9.4.x

          Compare: https://github.com/jenkinsci/winstone/compare/59d84ed22913...16a1f190035a

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Olivier Lamy Path: README.md pom.xml src/java/winstone/HostConfiguration.java src/java/winstone/HttpsConnectorFactory.java src/java/winstone/LocalStrings.properties src/java/winstone/cmdline/Option.java src/java/winstone/realm/ArgumentsRealm.java src/java/winstone/realm/FileRealm.java src/testwebapp/WEB-INF/web.xml http://jenkins-ci.org/commit/winstone/16a1f190035a9ac32c62b9736c30808cfa5ff63d Log: Merge pull request #32 from olamy/features/jetty_9.2.21.v20170120 [JENKINS-40693, JENKINS-43713] upgrade to jetty 9.4.x Compare: https://github.com/jenkinsci/winstone/compare/59d84ed22913...16a1f190035a

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          CHANGELOG.md
          http://jenkins-ci.org/commit/winstone/05adc4a50eeca136b3d1ed28b3e3149dc4b817f9
          Log:
          Changelog: Mention JENKINS-40693 in 4.0

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: CHANGELOG.md http://jenkins-ci.org/commit/winstone/05adc4a50eeca136b3d1ed28b3e3149dc4b817f9 Log: Changelog: Mention JENKINS-40693 in 4.0

          Oleg Nenashev added a comment -

          The issue has been fixed in Winstone 4.0 and integrated into Jenkins 2.61

          It is not an LTS candidate for 2.60.x LTS

          Oleg Nenashev added a comment - The issue has been fixed in Winstone 4.0 and integrated into Jenkins 2.61 It is not an LTS candidate for 2.60.x LTS

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          content/_data/changelogs/weekly.yml
          http://jenkins-ci.org/commit/jenkins.io/bd7e8598e4b85d84286ded5f2e6d71d08d8531ee
          Log:
          Add missing changelog entries for JENKINS-23273 and JENKINS-40693

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: content/_data/changelogs/weekly.yml http://jenkins-ci.org/commit/jenkins.io/bd7e8598e4b85d84286ded5f2e6d71d08d8531ee Log: Add missing changelog entries for JENKINS-23273 and JENKINS-40693

          Code changed in jenkins
          User: Daniel Beck
          Path:
          content/_data/changelogs/weekly.yml
          http://jenkins-ci.org/commit/jenkins.io/d6c1369d8ebcdff4a9f126097ecc6a7c30ea1d86
          Log:
          Merge pull request #921 from oleg-nenashev/changelog/missing-entries

          Add missing changelog entries for JENKINS-23273 and JENKINS-40693

          Compare: https://github.com/jenkins-infra/jenkins.io/compare/14212ab18dfd...d6c1369d8ebc

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: content/_data/changelogs/weekly.yml http://jenkins-ci.org/commit/jenkins.io/d6c1369d8ebcdff4a9f126097ecc6a7c30ea1d86 Log: Merge pull request #921 from oleg-nenashev/changelog/missing-entries Add missing changelog entries for JENKINS-23273 and JENKINS-40693 Compare: https://github.com/jenkins-infra/jenkins.io/compare/14212ab18dfd...d6c1369d8ebc

            aheritier Arnaud Héritier
            aheritier Arnaud Héritier
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: