[Varnish] #1009: Varnish allows invalid headers

Varnish varnish-bugs at varnish-cache.org
Tue Sep 6 09:53:22 CEST 2011

#1009: Varnish allows invalid headers
  Reporter:  scoof       |        Type:  defect  
    Status:  closed      |    Priority:  low     
 Milestone:              |   Component:  varnishd
   Version:  trunk       |    Severity:  normal  
Resolution:  worksforme  |    Keywords:          
Changes (by phk):

  * status:  new => closed
  * resolution:  => worksforme


 The reason why we do not do this, is that Varnish does not text-process
 all headers, only the ones it needs to use.

 RFC2616 says
 10.4.1 400 Bad Request

    The request could not be understood by the server due to malformed
    syntax. The client SHOULD NOT repeat the request without

 If an HTTP request contains a dskfjsldkfslkfjsdl line, Varnish is still
 perfectly able to understand it, it just ignores that line.

 If you want to have Varnish be anal retentive about HTTP request, the way
 to do it, is to write a VMOD::strict.

 The bug in this case is in varnishncsa (as per ticket #1006).

Ticket URL: <http://www.varnish-cache.org/trac/ticket/1009#comment:1>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator

More information about the varnish-bugs mailing list