Problem with error and (large) POST requests
viapanda at gmail.com
Thu Sep 15 04:13:20 CEST 2011
I have a problem with calling "error" and POST requests.
Reproducing is rather simple - use a default varnish install, then just do:
error 413 "Whatever";
Now, curl your server by posting a (small) payload.
-> (might) work, and the client (might) get a 413 answer
Now, curl your server by posting a (somewhat huge ~ 1MB) payload.
-> curl will end-up with a "broken pipe" without getting any answer.
Browsers (at least Firefox and Chrome) doing XHR in the same setup will end-up in the same state (readyState 4, status 0) (without being able to read the answer).
On the other hand, Varnishlog demonstrates that the answer clearly is sent, and everything is normal from Varnish POV.
Interestingly, even Varnish as a client (if pointing a backend to the Varnish sending the error in recv), exhibits:
5 FetchError c backend write error: 32 (Broken pipe)
and returns a 503 no matter the actual code sent by the "backend".
… which makes me think that varnish (server) behavior in that case is wrong.
If you do the "error" in "vcl_pass", you get the same problem.
If you "error" in "vcl_fetch", though… things work as expected.
So, it looks to me like:
1- varnish doesn't read the request body before it actually queries the backend (in which case it passes it), or before it gets out of hit (in which case the body is dropped - though, if the request has a body, it's quite likely we will call "pass"...)
2- calling "error" means Varnish closes the tcp connection immediately
3- a client that finds itself in a position where the connection is closed *before it has time to write the entire request* just stops here and fail
4- calling "error" means Varnish doesn't wait for the entire request body to be available/consumed (if it hasn't been already)
Assuming I'm correct in these assumptions, then it means that "error" when handling requests with a body is NOT usable at all before having queried a backend.
I'm not sure this behavior is intended - if it is, then maybe the documentation should be updated? (I couldn't find a reference to that problem in here: https://www.varnish-cache.org/docs/3.0/reference/vcl.html), and error is clearly mentioned as being usable in recv, etc.
If it's not, then possibly the solution would be that the error routine actually makes sure that the entire request body has been sent.
Right now, I'm workarounding by calling "error" inside vcl_fetch after having queried a dumb backend which only purpose is to force varnish to consume the body - though this is quite convoluted and suboptimal.
What do you guys think?
Thanks a lot!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the varnish-misc