Caddy requirement to use http 1.0

Chris_Muench · June 14, 2023, 4:26am

1. The problem I’m having:

I have to use http version 1.0 protocol for an odd requirement of cloudflare cache reserve (Why is my dynamic content being sent with chunked encoding · Cloudflare Support docs)

I am using Caddy Docker Proxy GitHub - lucaslorentz/caddy-docker-proxy: Caddy as a reverse proxy for Docker that routes to my php apache container. I am able to use http 1.0 in apache, but caddy responds with http 2.0 even though the apache server responds with 1.0. I need caddy to honor the protocol version of apache (which can be different based on request (1.0,1.1,2.0).

2. Error messages and/or full log output:

Responses from caddy reverse proxy using http 2.0

3. Caddy version:

/ # caddy version
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=

4. How I installed and ran Caddy:

docker caddy proxy (GitHub - lucaslorentz/caddy-docker-proxy: Caddy as a reverse proxy for Docker)

a. System environment:

ubuntu using docker

b. Command:

runs via docker compose

c. Service/unit/compose file:

  app:
    logging:
      driver: "local"
    deploy:
      mode: global
      restart_policy:
        condition: any
      placement:
        constraints: [node.labels.app == true]
      labels:
        caddy: "http://"
        caddy.reverse_proxy.trusted_proxies: "private_ranges"
        caddy.reverse_proxy: "{{upstreams}}"
        caddy.reverse_proxy.transport: "http"
        caddy.reverse_proxy.transport.versions: "1.0"

d. My complete Caddy config:

{
  "admin": {
    "listen": "tcp/10.200.200.8:2019"
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":80"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "trusted_proxies": [
                            "192.168.0.0/16",
                            "172.16.0.0/12",
                            "10.0.0.0/8",
                            "127.0.0.1/8",
                            "fd00::/8",
                            "::1"
                          ],
                          "upstreams": [
                            {
                              "dial": "lync_redirect_lync_vidapay:80"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "lync.vidapay.com"
                  ]
                }
              ],
              "terminal": true
            },
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "trusted_proxies": [
                            "192.168.0.0/16",
                            "172.16.0.0/12",
                            "10.0.0.0/8",
                            "127.0.0.1/8",
                            "fd00::/8",
                            "::1"
                          ],
                          "upstreams": [
                            {
                              "dial": "lync_app_background:80"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "app.lyncpos.com",
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/index.php/cron/*"
                  ]
                },
                {
                  "host": [
                    "app.lyncpos.com",
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/PHP-Point-Of-Sale-Prev/index.php/cron/*"
                  ]
                },
                {
                  "host": [
                    "app.lyncpos.com",
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/index.php/ecommerce/manual_sync"
                  ]
                },
                {
                  "host": [
                    "app.lyncpos.com",
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/index.php/background/*"
                  ]
                },
                {
                  "host": [
                    "app.lyncpos.com",
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/PHP-Point-Of-Sale-Prev/index.php/background/*"
                  ]
                },
                {
                  "host": [
                    "lync.vidapay.com",
                    "lync.vidapay.*.tcetra.dev"
                  ],
                  "path": [
                    "/index.php/ecommerce/cron"
                  ]
                }
              ],
              "terminal": true
            },
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "transport": {
                            "protocol": "http",
                            "versions": [
                              "1.0"
                            ]
                          },
                          "trusted_proxies": [
                            "192.168.0.0/16",
                            "172.16.0.0/12",
                            "10.0.0.0/8",
                            "127.0.0.1/8",
                            "fd00::/8",
                            "::1"
                          ],
                          "upstreams": [
                            {
                              "dial": "lync_app:80"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "terminal": true
            }
          ]
        }
      }
    }
  }
}

5. Links to relevant resources:

matt · June 15, 2023, 7:12pm

Okay, wow that is a weird requirement.

The linked docs say:

So in this case you will need to make sure you are sending HTTP 1.0 as the protocol from your web server if you specifically need the content-length header.

Have you tried just removing the Content-Length header first? (I’m not sure if Go will add it back in, I don’t think it should for chunked encodings).

header -Content-Length

Chris_Muench · June 25, 2023, 1:06pm

Sorry for late reply, I never got email notification and still haven’t solved issue. I did try removing content length header with no luck

Chris_Muench · June 29, 2023, 2:50am

I talked to cloudflare and http 1.0 is not required. I don’t understand why cloudflare isn’t seeing the content-length. Unproxied it is there. This makes me think something about cloudflare request makes caddy remove it. What scenarios could this be?

matt · June 29, 2023, 4:15am

Caddy removes Content-Length header if the length is uncertain. This can happen, for example, if evaluating a template, compressing the response, replacing data in the response, or more generally modifying the response body in some sort of dynamic way.

Chris_Muench · June 29, 2023, 6:34am

What about if content-size is set via php script? Also

Cache Reserve makes requests for uncompressed content directly from the origin. Unlike the standard Cloudflare CDN, Cache Reserve does not include the Accept-Encoding: gzip header when sending requests to the origin

matt · July 1, 2023, 1:43am

Hmm, if the content is truly static (i.e. not a template or proxied from an upstream) then I’m not really sure…

Chris_Muench · July 1, 2023, 1:57am

I am reading blob data from database (jpeg/png) and output. Not sure what else to try

matt · July 1, 2023, 4:39am

So when you say, “Unproxied it is there,” you mean that if you access the resource directly (w/o caddy), it has a Content-Length header?

But then if you make the same request but through Caddy, you have verified that the Content-Length header is not there?

Just want to make sure I’m on the same page.

Chris_Muench · July 1, 2023, 9:11am

I mean accessed via cloudflare (proxied).

system · July 31, 2023, 9:12am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.