random 400 errors


jonmcalexander

Hi Gurus,

I have an application team having a strange issue post upgrade to Tomcat 8.5.58 and/or 8.5.59 (happens with both) from Tomcat 8.5.57. See below:

“We are seeing an issue in our application where, after upgrading from Tomcat 8.5.57 to 8.5.58 or 8.5.59, it randomly throws a 400 error for the URL below. There are no changes except the upgrade; it works sometimes, and sometimes it does not and throws a 400. Switching back to 8.5.57 ensures it works fine all the time.

 

logo.png

 

From changelog on 8.5.58 I see below

       Improve the validation of entity tags provided with conditional requests. Requests with headers that contain invalid entity tags will be rejected with a 400 response code. Improve the matching algorithm used to compare entity tags in conditional requests with the entity tag for the requested resource. Based on a pull request by Sergey Ponomarev. (markt)

 

I have removed most of the name of the item giving the 400 error, but it’s an image. Some additional information:  NOTE: Some information “redacted” for safety.

 

Header for good and bad one below.

Good one:

<some uri>-logo.png
  Request Method: GET
  Status Code: 200
  Remote Address: <some remote IP>:443
  Referrer Policy: strict-origin-when-cross-origin

Response Headers
  Accept-Ranges: bytes
  Access-Control-Allow-Origin: <some URL>
  Cache-Control: max-age=604800
  Connection: Keep-Alive
  Content-Encoding: gzip
  Content-Type: image/png
  Date: Mon, 23 Nov 2020 23:30:57 GMT
  ETag: W/"1898-1605014636000"-gzip
  Keep-Alive: timeout=15, max=100
  Last-Modified: Tue, 10 Nov 2020 13:23:56 GMT
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  Transfer-Encoding: chunked
  Vary: Accept-Encoding
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block

Request Headers
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
  Cache-Control: max-age=0
  Connection: keep-alive
  Cookie: PS_DEVICEFEATURES=width:1920 height:1080 pixelratio:1 touch:0 geolocation:1 websockets:1 webworkers:1 datepicker:1 dtpicker:1 timepicker:1 dnd:1 sessionstorage:1 localstorage:1 history:1 canvas:1 svg:1 postmessage:1 hc:0 maf:0; <something>=!zmR+O5lInwZQScXFysvE+ZLmn/jZYOMljJRe6zpgTCqT1vq+Nsi6whR90o96mjEzY6eOCcA5+5bBMok=; TS018aedd4=01f75e3a42044ffe4dec9dc58b085c5a587774d7d2291f65cc51c81218d60ff777ac912d6f4623836387cb50a5a4efe34d97b8ea8db7d92d4565c18fd52b1e5ae176edaa99; <something else>=!heE/SoIWn1XzFTnFysvE+ZLmn/jZYPwJaUx/NLmU09FX5SfwbV5ltQ7zTaDlkj3KsURmBocfo4UBEA==
  Host: <somehost>.com
  Sec-Fetch-Dest: document
  Sec-Fetch-Mode: navigate
  Sec-Fetch-Site: none
  Sec-Fetch-User: ?1
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 1

 

Failed one:

<some URI>-logo.png
  Request Method: GET
  Status Code: 400
  Remote Address: <some remote IP>:443
  Referrer Policy: strict-origin-when-cross-origin

Response Headers
  Access-Control-Allow-Origin: <somehost>
  Cache-Control: max-age=604800
  Content-Language: en
  Content-Length: 762
  Content-Type: text/html;charset=utf-8
  Date: Mon, 23 Nov 2020 23:30:06 GMT
  Strict-Transport-Security: max-age=31536000; includeSubDomains
  Vary: Accept-Encoding
  X-Cnection: close
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block

Request Headers
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US,en;q=0.9
  Cache-Control: max-age=0
  Connection: keep-alive
  Cookie: PS_DEVICEFEATURES=width:1920 height:1080 pixelratio:1 touch:0 geolocation:1 websockets:1 webworkers:1 datepicker:1 dtpicker:1 timepicker:1 dnd:1 sessionstorage:1 localstorage:1 history:1 canvas:1 svg:1 postmessage:1 hc:0 maf:0; <something>=!zmR+O5lInwZQScXFysvE+ZLmn/jZYOMljJRe6zpgTCqT1vq+Nsi6whR90o96mjEzY6eOCcA5+5bBMok=; TS018aedd4=01f75e3a42044ffe4dec9dc58b085c5a587774d7d2291f65cc51c81218d60ff777ac912d6f4623836387cb50a5a4efe34d97b8ea8db7d92d4565c18fd52b1e5ae176edaa99; <something else>=!heE/SoIWn1XzFTnFysvE+ZLmn/jZYPwJaUx/NLmU09FX5SfwbV5ltQ7zTaDlkj3KsURmBocfo4UBEA==
  Host: <somehost>wellsfargo.com
  If-Modified-Since: Tue, 10 Nov 2020 13:23:56 GMT
  If-None-Match: W/"1898-1605014636000"-gzip
  Sec-Fetch-Dest: document
  Sec-Fetch-Mode: navigate
  Sec-Fetch-Site: none
  Sec-Fetch-User: ?1
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Saf

 

 

Any assistance would be greatly appreciated. They have NOT yet tested with Tomcat 8.5.60.

 

 

Jon McAlexander


Re: random 400 errors

markt
On 24/11/2020 04:04, [hidden email] wrote:

<snip/>

> If-None-Match: W/"1898-1605014636000"-gzip

That etag is not valid. It should be:

W/"1898-1605014636000-gzip"

Do you know what component is generating that? A compression filter maybe?

I did wonder if it was Tomcat but I haven't found any code where Tomcat
appends "-gzip" to an existing etag but I am still looking.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]
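
The distinction raised in the reply above, as an added example (not code from the thread or from Tomcat): a small Python parser for the entity-tag grammar of RFC 7232 that accepts the corrected value and rejects the one with `-gzip` outside the quotes. The function names are hypothetical and this is not Tomcat's implementation.

```python
import re

# entity-tag = [ "W/" ] DQUOTE *etagc DQUOTE   (RFC 7232, section 2.3)
# etagc      = %x21 / %x23-7E / obs-text       (no DQUOTE, space or controls)
_ENTITY_TAG = re.compile(r'(W/)?"([\x21\x23-\x7e\x80-\xff]*)"')


def parse_entity_tags(header_value):
    """Parse an If-None-Match / If-Match value (hypothetical helper).

    Returns "*" or a list of (is_weak, opaque_tag) tuples. Raises ValueError
    on anything outside the grammar, which is the condition the 8.5.58
    changelog entry says is answered with a 400.
    """
    value = header_value.strip(" \t")
    if value == "*":
        return "*"
    tags, pos = [], 0
    while True:
        m = _ENTITY_TAG.match(value, pos)
        if m is None:
            raise ValueError(f"invalid entity tag at offset {pos}: {value[pos:]!r}")
        tags.append((m.group(1) is not None, m.group(2)))
        pos = m.end()
        # A comma may appear inside the quotes, so the list cannot simply be
        # split on ","; after each tag require end of input or a separator.
        while pos < len(value) and value[pos] in " \t":
            pos += 1
        if pos == len(value):
            return tags
        if value[pos] != ",":
            raise ValueError(f"unexpected text after entity tag: {value[pos:]!r}")
        pos += 1
        while pos < len(value) and value[pos] in " \t":
            pos += 1


def weak_match(if_none_match, resource_etag):
    """Weak comparison (RFC 7232, section 2.3.2): opaque parts must be equal."""
    wanted = parse_entity_tags(if_none_match)
    if wanted == "*":
        return True
    current = parse_entity_tags(resource_etag)[0][1]
    return any(opaque == current for _, opaque in wanted)


# The two values quoted in the thread.
REJECTED = 'W/"1898-1605014636000"-gzip'   # suffix outside the quotes
ACCEPTED = 'W/"1898-1605014636000-gzip"'   # suffix inside the quotes
```

Running `parse_entity_tags` over the `ETag` values a server or filter emits shows whether a component in front of the application is appending a suffix after the closing quote.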


RE: random 400 errors

jonmcalexander
Thank you! I will pass this on to the app team.

