caddy version):
v2.4.4 h1:QBsN1jXEsCqRpKPBb8ebVnBNgPxwL50HINWWTuZ7evU=
amazon linux 2
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [
{
"handle": [
{
"handler":"encode",
"encodings":{"gzip":{},"zstd":{}},
"prefer":["zstd","gzip"]
},
{
"handler": "reverse_proxy",
"upstreams": [
{
"dial": "10.50.1.6:80"
}
],
"headers":{
"response":{
"set":{
"Access-Control-Allow-Origin":["*"]
}
}
}
}
]
}
],
"tls_connection_policies": [
{}
]
}
}
},
"tls": {
"automation": {
"policies": [
{
"issuers": [
{
"email": "support@ezot.com",
"module": "acme"
},
{
"email": "support@ezot.com",
"module": "zerossl"
}
],
"on_demand": true
}
],
"on_demand": {
"ask": "http://10.50.1.6/.check"
}
}
}
},
"storage": {
"module": "file_system",
"root": "/certs/caddy/certmagic"
}
}
page content shows as gibberish due to compressed content being sent but no header added for content-encoding
removing encode handler fixes the issue
Unfortunately, this is a known issue with v2.4.4.
opened 10:52PM - 30 Aug 21 UTC
closed 07:36PM - 31 Aug 21 UTC
bug
Affected version: 2.4.4
I noticed that the `Content-Encoding` header is missi… ng on reverse proxied responses when they are big enough so they are transferred in chunks. The response is encoded but the header isn't sent, which results in garbled mess.
Example Caddyfile:
```caddy-d
http://:80 {
encode zstd gzip
reverse_proxy 127.0.0.1:8080
}
http://:8080 {
respond / "Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
Long enough response, that would get compressed by some of the encoder modules and transferred chunked.
"
header Content-Type text/plain;charset=utf8
}
```
Request / Response:
```shell
$ curl -v --compressed -o /dev/null -s localhost
* Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host: localhost
> User-Agent: curl/7.78.0
> Accept: */*
> Accept-Encoding: deflate, gzip, br, zstd
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/plain;charset=utf8
< Date: Mon, 30 Aug 2021 22:38:35 GMT
< Server: Caddy
< Server: Caddy
< Transfer-Encoding: chunked
<
{ [113 bytes data]
* Connection #0 to host localhost left intact
```
If the `respond` directive is one line shorter the Request / Response is ok:
```shell
curl -v --compressed -o /dev/null -s localhost
* Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host: localhost
> User-Agent: curl/7.78.0
> Accept: */*
> Accept-Encoding: deflate, gzip, br, zstd
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Encoding: zstd
< Content-Type: text/plain;charset=utf8
< Date: Mon, 30 Aug 2021 22:38:08 GMT
< Server: Caddy
< Server: Caddy
< Vary: Accept-Encoding
< Content-Length: 102
<
{ [102 bytes data]
* Connection #0 to host localhost left intact
```
I think responsible are the following lines:
https://github.com/caddyserver/caddy/commit/e6c29ce081673d85e527d59f3afb7ace034573df#diff-287933cf508d4f4a33e4e0ac918639f44b9967505681131a29c82d608c2dfe57R152-R156
If comment them out, everything is fine.
Other headers don't seems to be affected, but I'm not sure.
Maybe related to #3997
For the record with version 2.4.3 everything is fine too.
Please revert to 2.4.3 for the time being.
basil
August 31, 2021, 4:30pm
3
@francislavoie Is the recommendation not to upgrade to 2.4.4 at all and instead wait for 2.4.5?
If you’re using encode and reverse_proxy in the same site, then you’ll have a problem. If you’re not, then you should be okay. This might include php_fastcgi now that I think of it (because under the hood, it also uses reverse_proxy), but I’m not sure.
when is the checked in fix going to be available for xcaddy builds?
matt
August 31, 2021, 10:30pm
6
1 Like
Not an xcaddy expert yet. How would one do that?
Like this:
$ xcaddy build <commit hash or branch name> \
--with <plugin...> \
--with <another plugin...>
So in this case, xcaddy build master or xcaddy build 43bf100 will do the trick
See the usage docs:
system
September 30, 2021, 3:26pm
9
This topic was automatically closed after 30 days. New replies are no longer allowed.