Malformed varnishncsa output

Dag-Erling Smørgrav des at
Wed Nov 26 10:05:12 CET 2008

Skye Poier Nott <skye at> writes:
> I'm getting a lot of lines line this from varnishncsa:
> - - [25/Nov/2008:19:11:14 +0000] "GET http:// 
> vectordevhttp://vectordev/devsite/diagrams/tn-rev1.png HTTP/1.1" 200  
> 60834 "-" "curl/7.16.3 (amd64-portbld-freebsd6.3) libcurl/7.16.3  
> OpenSSL/0.9.7e zlib/1.2.3"
> Notice the duplicated http://vectordevhttp://vectordev part after GET.

Varnish (and varnishncsa) expect the request URI to be an absolute path,
not an absolute URI as in this case.  I don't know of any other user
agent that behaves like this, and RFC2616 indicates that HTTP/1.1 user
agents should not use an absolute URI as the request URI unless talking
to a proxy.  However, it also indicates that this might change in future
protocol versions, and that servers should support absolute URIs in the
interest of forward compatibility.  The simplest solution is to strip
off everything but the path and query string.  A more advanced solution
would be to validate it against the Host header, and reject the request
if they don't match; however, validation could get tricky if the host
part includes a user and / or password, or a port number.

(Note that I've argued for URI parsing and validation from the start...)

Dag-Erling Smørgrav - des at

More information about the varnish-misc mailing list