Hi,
We recently deployed a node app in production that talks to a API endpoint over https. Of late, we started noticing that the call to the API was failing with error as 'Parser Error : Duplicate Content-Length' and there were a minimum of 6-7 occurrences daily. Though the error message clearly indicates that the API is sending multiple content-length header in the response, we couldn't log these headers in the node app as the call were failing in the underlying node module before reaching our code.
Below are the open issues related to this in nodejs GitHub page.
nodejs/http-parser#435
nodejs/http-parser#460
In order to troubleshoot the issue better, we decided to introduce a nginx proxy between the node app and the API endpoint. We decided to use OpenResty as it allows us to use lua language and provides the ability to log the entire request and response including the headers in JSON format. Once we capture the error condition, we were planning to share it with the API team and press them for a fix.
To our surprise the error that used to occur at least 6-7 times a day stopped altogether. The log entries were all clean with only one content-length header and no failures in the app as such.
We are pretty sure that the API team didn't fix their code as they are waiting on us to capture the error scenario.
My queries here are as below.
- Does OpenResty or nginx or luajson that we are using is removing the duplicate content-length header if the values are same ?
- If the above is true, can you please point me to the docs. Also, is there a way for us to log the headers before it gets removed ?
- Are we inadvertently removing it as part of the lua script ? We are logging the entire request and response as JSON via this script. Please refer attachment.The docker image we are using is "openresty/openresty:jessie" version is 1.13.6.1 and we are using "luajson" package. I have attached the docker file, nginx.conf and lua script as a zip file.
Please clarify as we are lost on what exactly is happening here.
Below are the version information.
nginx version: openresty/1.13.6.1
built by gcc 4.9.2 (Debian 4.9.2-10+deb8u1)
built with OpenSSL 1.0.2k 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/openresty/nginx --with-cc-opt=-O2 --add-module=../ngx_devel_kit-0.3.0 --add-module=../echo-nginx-module-0.61 --add-module=../xss-nginx-module-0.05 --add-module=../ngx_coolkit-0.2rc3 --add-module=../set-misc-nginx-module-0.31 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.07 --add-module=../srcache-nginx-module-0.31 --add-module=../ngx_lua-0.10.11 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.18 --add-module=../redis2-nginx-module-0.14 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.15 --add-module=../rds-csv-nginx-module-0.08 --add-module=../ngx_stream_lua-0.0.3 --with-ld-opt=-Wl,-rpath,/usr/local/openresty/luajit/lib --with-openssl=/tmp/openssl-1.0.2k --with-pcre=/tmp/pcre-8.41 --with-file-aio --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_xslt_module=dynamic --with-ipv6 --with-mail --with-mail_ssl_module --with-md5-asm --with-pcre-jit --with-sha1-asm --with-stream --with-stream_ssl_module --with-threads --with-stream --with-stream_ssl_module
OS information:
Linux c6fdf1a53d29 4.9.87-linuxkit-aufs #1 SMP Wed Mar 14 15:12:16 UTC 2018 x86_64 GNU/Linux
Thanks,
Sudharsan N.
Attachment:
Archive.zip
Description: Zip archive