HTTP Tolerant Request Parsing


<< Back to Knowledge Search

Solution

Overview

 

Understanding Tolerant HTTP Request Parsing By default, the ProxySG blocks malformed HTTP requests, returning a 400 Invalid Request error. The tolerant HTTP request parsing flag causes certain types of malformed requests to be processed instead of being rejected.
 
By default, a header line not beginning with a <Tab> or space character must consist of a header name (which contains no <Tab> or space characters), followed by a colon, followed by an optional value, or an error is reported. With tolerant request parsing enabled, a request header name is allowed to contain <Tab> or space characters, and if the request header line does not contain a colon, then the entire line is taken as the header name.
A header containing one or more <Tab> or space characters, and nothing else, is considered ambiguous. Blue Coat does not know if this is a blank continuation line or if it is the blank line that signals the end of the header section. By default, an ambiguous blank line is illegal, and an error is reported. With tolerant request parsing enabled, an ambiguous blank line is treated as the blank line that signals the end of the header section.
 
To Enable the HTTP Tolerant Request Parsing Flag through the CLI
 
Note: This feature is only available through the CLI. It cannot be set through the Management Console.
 
From the (config) prompt, enter the following command to enable tolerant HTTP request parsing (the default is disabled):
SGOS#(config) http tolerant-request-parsing
 
To disable HTTP tolerant request parsing, enter the following command:
SGOS#(config) http no tolerant-request-parsing

 

Here is the GET requests from working and non-working.

400 Bad Request:
GET http://www.google.com/trends?q=annka+sorenstam,+michelle+wie HTTP/1.0
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-silverlight, application/x-silverlight-2-b2, */*
Accept-Language: en-us
UA-CPU: x86
Proxy-Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; IEMB3; .NET CLR 2.0.50727; IEMB3)
Host: www.google.com
Cookie: PREF=ID=f685dc26bb332848:TM=1234999965:LM=1234999965:S=R1r_jIqtuS1FxLKY; NID=19=GXzMU2_xbI1FEDE271qoPk995wncwEEkwWZ6kNnksvjPsFacBMJ7phMuR3Z7J-Ozmw32-JEX4cTdmUcdwxV34uJagvS0upWzLDTM2Xw_u6-7JxcQcwaXSZaS0PdeTcUq; BCSI-CSCC4F542D=2
 
Working through different proxy running same SG OS 4.2.8.6 GET http://www.google.com/trends?q=annka+sorenstam,+michelle+wie HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/xaml+xml, application/vnd.ms-xpsdocument, application/x-ms-xbap, application/x-ms-application, application/x-silverlight, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)
Host: www.google.com
Proxy-Connection: Keep-Alive
 
 
Cause
Resolution
Workaround
Additional Information
Bug Number
InQuira Doc IdFAQ2220
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 4, SGOS 5, SGOS 6
Article Number      000011661
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat