summaryrefslogtreecommitdiffstats
path: root/rubbos/app/apache2/manual/misc/known_client_problems.html.en
blob: cfc029543da53774113beb04d6e37f7750118124 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
              This file is generated from xml source: DO NOT EDIT
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      -->
<title>Known Problems in Clients - Apache HTTP Server</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body id="manual-page"><div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.0</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.0</a> &gt; <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Known Problems in Clients</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English">&nbsp;en&nbsp;</a></p>
</div>


    <div class="warning"><h3>Warning:</h3>
      <p>This document has not been fully updated
      to take into account changes made in the 2.0 version of the
      Apache HTTP Server. Some of the information may still be
      relevant, but please use it with care.</p>
    </div>

    <p>Over time the Apache Group has discovered or been notified
    of problems with various clients which we have had to work
    around, or explain. This document describes these problems and
    the workarounds available. It's not arranged in any particular
    order. Some familiarity with the standards is assumed, but not
    necessary.</p>

    <p>For brevity, <em>Navigator</em> will refer to Netscape's
    Navigator product (which in later versions was renamed
    "Communicator" and various other names), and <em>MSIE</em> will
    refer to Microsoft's Internet Explorer product. All trademarks
    and copyrights belong to their respective companies. We welcome
    input from the various client authors to correct
    inconsistencies in this paper, or to provide us with exact
    version numbers where things are broken/fixed.</p>

    <p>For reference, <a href="ftp://ds.internic.net/rfc/rfc1945.txt">RFC1945</a>
    defines HTTP/1.0, and <a href="ftp://ds.internic.net/rfc/rfc2068.txt">RFC2068</a>
    defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1
    server (with an optional HTTP/1.0 proxy).</p>

    <p>Various of these workarounds are triggered by environment
    variables. The admin typically controls which are set, and for
    which clients, by using <code>mod_browser</code>. Unless
    otherwise noted all of these workarounds exist in versions 1.2
    and later.</p>

  </div>
<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#trailing-crlf">Trailing CRLF on POSTs</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#broken-keepalive">Broken KeepAlive</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#force-response-1.0">Incorrect interpretation of
    <code>HTTP/1.1</code> in response</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#msie4.0b2">Requests use HTTP/1.1 but 
                     responses must be in HTTP/1.0</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#byte-257">Boundary problems with
    header parsing</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#boundary-string">Multipart responses and 
                              Quoted Boundary Strings</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#byterange-requests">Byterange Requests</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#cookie-merge"><code>Set-Cookie</code> header is
    unmergeable</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#gif89-expires"><code>Expires</code> headers 
    and GIF89A animations</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#no-content-length"><code>POST</code> without
    <code>Content-Length</code></a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#jdk-12-bugs">JDK 1.2 betas lose
    parts of responses.</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#content-type-persistent"><code>Content-Type</code>
    change is not noticed after reload</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#msie-cookie-y2k">MSIE Cookie
    problem with expiry date in the year 2000</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#lynx-negotiate-trans">Lynx incorrectly asking for
    transparent content negotiation</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#ie40-vary">MSIE 4.0 mishandles Vary
    response header</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="trailing-crlf" id="trailing-crlf">Trailing CRLF on POSTs</a></h2>

    <p>This is a legacy issue. The CERN webserver required
    <code>POST</code> data to have an extra <code>CRLF</code>
    following it. Thus many clients send an extra <code>CRLF</code>
    that is not included in the <code>Content-Length</code> of the
    request. Apache works around this problem by eating any empty
    lines which appear before a request.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="broken-keepalive" id="broken-keepalive">Broken KeepAlive</a></h2>

    <p>Various clients have had broken implementations of
    <em>keepalive</em> (persistent connections). In particular the
    Windows versions of Navigator 2.0 get very confused when the
    server times out an idle connection. The workaround is present
    in the default config files:</p>

    <div class="example"><p><code>
      BrowserMatch Mozilla/2 nokeepalive
    </code></p></div>

    <p>Note that this matches some earlier versions of MSIE, which
    began the practice of calling themselves <em>Mozilla</em> in
    their user-agent strings just like Navigator.</p>

    <p>MSIE 4.0b2, which claims to support HTTP/1.1, does not
    properly support keepalive when it is used on 301 or 302
    (redirect) responses. Unfortunately Apache's
    <code>nokeepalive</code> code prior to 1.2.2 would not work
    with HTTP/1.1 clients. You must apply <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch">
    this patch</a> to version 1.2.1. Then add this to your
    config:</p>

    <div class="example"><p><code>
      BrowserMatch "MSIE 4\.0b2;" nokeepalive
    </code></p></div>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="force-response-1.0" id="force-response-1.0">Incorrect interpretation of
    <code>HTTP/1.1</code> in response</a></h2>

    <p>To quote from section 3.1 of RFC1945:</p>

    <div class="note">
      HTTP uses a "&lt;MAJOR&gt;.&lt;MINOR&gt;" numbering scheme to
      indicate versions of the protocol. The protocol versioning
      policy is intended to allow the sender to indicate the format
      of a message and its capacity for understanding further HTTP
      communication, rather than the features obtained via that
      communication.
    </div>

    <p>Since Apache is an HTTP/1.1 server, it indicates so as part of
    its response. Many client authors mistakenly treat this part of
    the response as an indication of the protocol that the response
    is in, and then refuse to accept the response.</p>

    <p>The first major indication of this problem was with AOL's
    proxy servers. When Apache 1.2 went into beta it was the first
    wide-spread HTTP/1.1 server. After some discussion, AOL fixed
    their proxies. In anticipation of similar problems, the
    <code>force-response-1.0</code> environment variable was added
    to Apache. When present Apache will indicate "HTTP/1.0" in
    response to an HTTP/1.0 client, but will not in any other way
    change the response.</p>

    <p>The pre-1.1 Java Development Kit (JDK) that is used in many
    clients (including Navigator 3.x and MSIE 3.x) exhibits this
    problem. As do some of the early pre-releases of the 1.1 JDK.
    We think it is fixed in the 1.1 JDK release. In any event the
    workaround:</p>

    <div class="example"><p><code>
       BrowserMatch Java/1.0 force-response-1.0<br />
       BrowserMatch JDK/1.0 force-response-1.0
    </code></p></div>

    <p>RealPlayer 4.0 from Progressive Networks also exhibits this
    problem. However they have fixed it in version 4.01 of the
    player, but version 4.01 uses the same <code>User-Agent</code>
    as version 4.0. The workaround is still:</p>

    <div class="example"><p><code>
      BrowserMatch "RealPlayer 4.0" force-response-1.0
    </code></p></div>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="msie4.0b2" id="msie4.0b2">Requests use HTTP/1.1 but 
                     responses must be in HTTP/1.0</a></h2>

    <p>MSIE 4.0b2 has this problem. Its Java VM makes requests in
    HTTP/1.1 format but the responses must be in HTTP/1.0 format
    (in particular, it does not understand <em>chunked</em>
    responses). The workaround is to fool Apache into believing the
    request came in HTTP/1.0 format.</p>

    <div class="example"><p><code>
      BrowserMatch "MSIE 4\.0b2;" downgrade-1.0
      force-response-1.0
    </code></p></div>

    <p>This workaround is available in 1.2.2, and in a <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch">
    patch</a> against 1.2.1.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="byte-257" id="byte-257">Boundary problems with
    header parsing</a></h2>

    <p>All versions of Navigator from 2.0 through 4.0b2 (and
    possibly later) have a problem if the trailing CRLF of the
    response header starts at offset 256, 257 or 258 of the
    response. A BrowserMatch for this would match on nearly every
    hit, so the workaround is enabled automatically on all
    responses. The workaround implemented detects when this
    condition would occur in a response and adds extra padding to
    the header to push the trailing CRLF past offset 258 of the
    response.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="boundary-string" id="boundary-string">Multipart responses and 
                              Quoted Boundary Strings</a></h2>

    <p>On multipart responses some clients will not accept quotes
    (") around the boundary string. The MIME standard recommends
    that such quotes be used. But the clients were probably written
    based on one of the examples in RFC2068, which does not include
    quotes. Apache does not include quotes on its boundary strings
    to workaround this problem.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="byterange-requests" id="byterange-requests">Byterange Requests</a></h2>

    <p>A byterange request is used when the client wishes to
    retrieve a portion of an object, not necessarily the entire
    object. There was a very old draft which included these
    byteranges in the URL. Old clients such as Navigator 2.0b1 and
    MSIE 3.0 for the MAC exhibit this behaviour, and it will appear
    in the servers' access logs as (failed) attempts to retrieve a
    URL with a trailing ";xxx-yyy". Apache does not attempt to
    implement this at all.</p>

    <p>A subsequent draft of this standard defines a header
    <code>Request-Range</code>, and a response type
    <code>multipart/x-byteranges</code>. The HTTP/1.1 standard
    includes this draft with a few fixes, and it defines the header
    <code>Range</code> and type
    <code>multipart/byteranges</code>.</p>

    <p>Navigator (versions 2 and 3) sends both <code>Range</code>
    and <code>Request-Range</code> headers (with the same value),
    but does not accept a <code>multipart/byteranges</code>
    response. The response must be
    <code>multipart/x-byteranges</code>. As a workaround, if Apache
    receives a <code>Request-Range</code> header it considers it
    "higher priority" than a <code>Range</code> header and in
    response uses <code>multipart/x-byteranges</code>.</p>

    <p>The Adobe Acrobat Reader plugin makes extensive use of
    byteranges and prior to version 3.01 supports only the
    <code>multipart/x-byterange</code> response. Unfortunately
    there is no clue that it is the plugin making the request. If
    the plugin is used with Navigator, the above workaround works
    fine. But if the plugin is used with MSIE 3 (on Windows) the
    workaround won't work because MSIE 3 doesn't give the
    <code>Range-Request</code> clue that Navigator does. To
    workaround this, Apache special cases "MSIE 3" in the
    <code>User-Agent</code> and serves
    <code>multipart/x-byteranges</code>. Note that the necessity
    for this with MSIE 3 is actually due to the Acrobat plugin, not
    due to the browser.</p>

    <p>Netscape Communicator appears to not issue the non-standard
    <code>Request-Range</code> header. When an Acrobat plugin prior
    to version 3.01 is used with it, it will not properly
    understand byteranges. The user must upgrade their Acrobat
    reader to 3.01.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="cookie-merge" id="cookie-merge"><code>Set-Cookie</code> header is
    unmergeable</a></h2>

    <p>The HTTP specifications say that it is legal to merge
    headers with duplicate names into one (separated by commas).
    Some browsers that support Cookies don't like merged headers
    and prefer that each <code>Set-Cookie</code> header is sent
    separately. When parsing the headers returned by a CGI, Apache
    will explicitly avoid merging any <code>Set-Cookie</code>
    headers.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="gif89-expires" id="gif89-expires"><code>Expires</code> headers 
    and GIF89A animations</a></h2>

    <p>Navigator versions 2 through 4 will erroneously re-request
    GIF89A animations on each loop of the animation if the first
    response included an <code>Expires</code> header. This happens
    regardless of how far in the future the expiry time is set.
    There is no workaround supplied with Apache, however there are
    hacks for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.2-gif89-expires-hack.patch">
    1.2</a> and for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.3-gif89-expires-hack.patch">
    1.3</a>.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="no-content-length" id="no-content-length"><code>POST</code> without
    <code>Content-Length</code></a></h2>

    <p>In certain situations Navigator 3.01 through 3.03 appear to
    incorrectly issue a POST without the request body. There is no
    known workaround. It has been fixed in Navigator 3.04,
    Netscapes provides some <a href="http://help.netscape.com/kb/client/971014-42.html">information</a>.
    There's also <a href="http://www.arctic.org/~dgaudet/apache/no-content-length/">
    some information</a> about the actual problem.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="jdk-12-bugs" id="jdk-12-bugs">JDK 1.2 betas lose
    parts of responses.</a></h2>

    <p>The http client in the JDK1.2beta2 and beta3 will throw away
    the first part of the response body when both the headers and
    the first part of the body are sent in the same network packet
    AND keep-alive's are being used. If either condition is not met
    then it works fine.</p>

    <p>See also Bug-ID's 4124329 and 4125538 at the java developer
    connection.</p>

    <p>If you are seeing this bug yourself, you can add the
    following BrowserMatch directive to work around it:</p>

    <div class="example"><p><code>
    BrowserMatch "Java1\.2beta[23]" nokeepalive
    </code></p></div>

    <p>We don't advocate this though since bending over backwards
    for beta software is usually not a good idea; ideally it gets
    fixed, new betas or a final release comes out, and no one uses
    the broken old software anymore. In theory.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="content-type-persistent" id="content-type-persistent"><code>Content-Type</code>
    change is not noticed after reload</a></h2>

    <p>Navigator (all versions?) will cache the
    <code>content-type</code> for an object "forever". Using reload
    or shift-reload will not cause Navigator to notice a
    <code>content-type</code> change. The only work-around is for
    the user to flush their caches (memory and disk). By way of an
    example, some folks may be using an old <code>mime.types</code>
    file which does not map <code>.htm</code> to
    <code>text/html</code>, in this case Apache will default to
    sending <code>text/plain</code>. If the user requests the page
    and it is served as <code>text/plain</code>. After the admin
    fixes the server, the user will have to flush their caches
    before the object will be shown with the correct
    <code>text/html</code> type.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="msie-cookie-y2k" id="msie-cookie-y2k">MSIE Cookie
    problem with expiry date in the year 2000</a></h2>

    <p>MSIE versions 3.00 and 3.02 (without the Y2K patch) do not
    handle cookie expiry dates in the year 2000 properly. Years
    after 2000 and before 2000 work fine. This is fixed in IE4.01
    service pack 1, and in the Y2K patch for IE3.02. Users should
    avoid using expiry dates in the year 2000.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="lynx-negotiate-trans" id="lynx-negotiate-trans">Lynx incorrectly asking for
    transparent content negotiation</a></h2>

    <p>The Lynx browser versions 2.7 and 2.8 send a "negotiate:
    trans" header in their requests, which is an indication the
    browser supports transparent content negotiation (TCN). However
    the browser does not support TCN. As of version 1.3.4, Apache
    supports TCN, and this causes problems with these versions of
    Lynx. As a workaround future versions of Apache will ignore
    this header when sent by the Lynx client.</p>

  </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="ie40-vary" id="ie40-vary">MSIE 4.0 mishandles Vary
    response header</a></h2>

    <p>MSIE 4.0 does not handle a Vary header properly. The Vary
    header is generated by mod_rewrite in apache 1.3. The result is
    an error from MSIE saying it cannot download the requested
    file. There are more details in <a href="http://bugs.apache.org/index/full/4118">PR#4118</a>.</p>

    <p>A workaround is to add the following to your server's
    configuration files:</p>

   <div class="example"><p><code>
    BrowserMatch "MSIE 4\.0" force-no-vary
   </code></p></div>

    <p>(This workaround is only available with releases
    <strong>after</strong> 1.3.6 of the Apache Web server.)</p>

  </div></div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English">&nbsp;en&nbsp;</a></p>
</div><div id="footer">
<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
</body></html>