diff options
Diffstat (limited to 'APACHE_1_3_42/htdocs/manual/misc/known_client_problems.html')
-rw-r--r-- | APACHE_1_3_42/htdocs/manual/misc/known_client_problems.html | 346 |
1 files changed, 346 insertions, 0 deletions
diff --git a/APACHE_1_3_42/htdocs/manual/misc/known_client_problems.html b/APACHE_1_3_42/htdocs/manual/misc/known_client_problems.html new file mode 100644 index 0000000000..cb26578c9c --- /dev/null +++ b/APACHE_1_3_42/htdocs/manual/misc/known_client_problems.html @@ -0,0 +1,346 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml"> + <head> + <meta name="generator" content="HTML Tidy, see www.w3.org" /> + + <title>Apache HTTP Server Project</title> + </head> + <!-- Background white, links blue (unvisited), navy (visited), red (active) --> + + <body bgcolor="#FFFFFF" text="#000000" link="#0000FF" + vlink="#000080" alink="#FF0000"> + <!--#include virtual="header.html" --> + + <h1 align="CENTER">Known Problems in Clients</h1> + + <p>Over time the Apache Group has discovered or been notified + of problems with various clients which we have had to work + around, or explain. This document describes these problems and + the workarounds available. It's not arranged in any particular + order. Some familiarity with the standards is assumed, but not + necessary.</p> + + <p>For brevity, <em>Navigator</em> will refer to Netscape's + Navigator product (which in later versions was renamed + "Communicator" and various other names), and <em>MSIE</em> will + refer to Microsoft's Internet Explorer product. All trademarks + and copyrights belong to their respective companies. We welcome + input from the various client authors to correct + inconsistencies in this paper, or to provide us with exact + version numbers where things are broken/fixed.</p> + + <p>For reference, <a + href="ftp://ds.internic.net/rfc/rfc1945.txt">RFC1945</a> + defines HTTP/1.0, and <a + href="ftp://ds.internic.net/rfc/rfc2068.txt">RFC2068</a> + defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1 + server (with an optional HTTP/1.0 proxy).</p> + + <p>Various of these workarounds are triggered by environment + variables. The admin typically controls which are set, and for + which clients, by using <a + href="../mod/mod_browser.html">mod_browser</a>. Unless + otherwise noted all of these workarounds exist in versions 1.2 + and later.</p> + + <h3><a id="trailing-crlf" name="trailing-crlf">Trailing CRLF on + POSTs</a></h3> + + <p>This is a legacy issue. The CERN webserver required + <code>POST</code> data to have an extra <code>CRLF</code> + following it. Thus many clients send an extra <code>CRLF</code> + that is not included in the <code>Content-Length</code> of the + request. Apache works around this problem by eating any empty + lines which appear before a request.</p> + + <h3><a id="broken-keepalive" name="broken-keepalive">Broken + keepalive</a></h3> + + <p>Various clients have had broken implementations of + <em>keepalive</em> (persistent connections). In particular the + Windows versions of Navigator 2.0 get very confused when the + server times out an idle connection. The workaround is present + in the default config files:</p> + + <blockquote> + <code>BrowserMatch Mozilla/2 nokeepalive</code> + </blockquote> + Note that this matches some earlier versions of MSIE, which + began the practice of calling themselves <em>Mozilla</em> in + their user-agent strings just like Navigator. + + <p>MSIE 4.0b2, which claims to support HTTP/1.1, does not + properly support keepalive when it is used on 301 or 302 + (redirect) responses. Unfortunately Apache's + <code>nokeepalive</code> code prior to 1.2.2 would not work + with HTTP/1.1 clients. You must apply <a + href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + this patch</a> to version 1.2.1. Then add this to your + config:</p> + + <blockquote> + <code>BrowserMatch "MSIE 4\.0b2;" nokeepalive</code> + </blockquote> + + <h3><a id="force-response-1.0" + name="force-response-1.0">Incorrect interpretation of + <code>HTTP/1.1</code> in response</a></h3> + + <p>To quote from section 3.1 of RFC1945:</p> + + <blockquote> + HTTP uses a "<MAJOR>.<MINOR>" numbering scheme to + indicate versions of the protocol. The protocol versioning + policy is intended to allow the sender to indicate the format + of a message and its capacity for understanding further HTTP + communication, rather than the features obtained via that + communication. + </blockquote> + Since Apache is an HTTP/1.1 server, it indicates so as part of + its response. Many client authors mistakenly treat this part of + the response as an indication of the protocol that the response + is in, and then refuse to accept the response. + + <p>The first major indication of this problem was with AOL's + proxy servers. When Apache 1.2 went into beta it was the first + wide-spread HTTP/1.1 server. After some discussion, AOL fixed + their proxies. In anticipation of similar problems, the + <code>force-response-1.0</code> environment variable was added + to Apache. When present Apache will indicate "HTTP/1.0" in + response to an HTTP/1.0 client, but will not in any other way + change the response.</p> + + <p>The pre-1.1 Java Development Kit (JDK) that is used in many + clients (including Navigator 3.x and MSIE 3.x) exhibits this + problem. As do some of the early pre-releases of the 1.1 JDK. + We think it is fixed in the 1.1 JDK release. In any event the + workaround:</p> + + <blockquote> + <code>BrowserMatch Java/1.0 force-response-1.0<br /> + BrowserMatch JDK/1.0 force-response-1.0</code> + </blockquote> + + <p>RealPlayer 4.0 from Progressive Networks also exhibits this + problem. However they have fixed it in version 4.01 of the + player, but version 4.01 uses the same <code>User-Agent</code> + as version 4.0. The workaround is still:</p> + + <blockquote> + <code>BrowserMatch "RealPlayer 4.0" force-response-1.0</code> + </blockquote> + + <h3><a id="msie4.0b2" name="msie4.0b2">Requests use HTTP/1.1 + but responses must be in HTTP/1.0</a></h3> + + <p>MSIE 4.0b2 has this problem. Its Java VM makes requests in + HTTP/1.1 format but the responses must be in HTTP/1.0 format + (in particular, it does not understand <em>chunked</em> + responses). The workaround is to fool Apache into believing the + request came in HTTP/1.0 format.</p> + + <blockquote> + <code>BrowserMatch "MSIE 4\.0b2;" downgrade-1.0 + force-response-1.0</code> + </blockquote> + This workaround is available in 1.2.2, and in a <a + href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + patch</a> against 1.2.1. + + <h3><a id="257th-byte" name="257th-byte">Boundary problems with + header parsing</a></h3> + + <p>All versions of Navigator from 2.0 through 4.0b2 (and + possibly later) have a problem if the trailing CRLF of the + response header starts at offset 256, 257 or 258 of the + response. A BrowserMatch for this would match on nearly every + hit, so the workaround is enabled automatically on all + responses. The workaround implemented detects when this + condition would occur in a response and adds extra padding to + the header to push the trailing CRLF past offset 258 of the + response.</p> + + <h3><a id="boundary-string" name="boundary-string">Multipart + responses and Quoted Boundary Strings</a></h3> + + <p>On multipart responses some clients will not accept quotes + (") around the boundary string. The MIME standard recommends + that such quotes be used. But the clients were probably written + based on one of the examples in RFC2068, which does not include + quotes. Apache does not include quotes on its boundary strings + to workaround this problem.</p> + + <h3><a id="byterange-requests" + name="byterange-requests">Byterange requests</a></h3> + + <p>A byterange request is used when the client wishes to + retrieve a portion of an object, not necessarily the entire + object. There was a very old draft which included these + byteranges in the URL. Old clients such as Navigator 2.0b1 and + MSIE 3.0 for the MAC exhibit this behavior, and it will appear + in the servers' access logs as (failed) attempts to retrieve a + URL with a trailing ";xxx-yyy". Apache does not attempt to + implement this at all.</p> + + <p>A subsequent draft of this standard defines a header + <code>Request-Range</code>, and a response type + <code>multipart/x-byteranges</code>. The HTTP/1.1 standard + includes this draft with a few fixes, and it defines the header + <code>Range</code> and type + <code>multipart/byteranges</code>.</p> + + <p>Navigator (versions 2 and 3) sends both <code>Range</code> + and <code>Request-Range</code> headers (with the same value), + but does not accept a <code>multipart/byteranges</code> + response. The response must be + <code>multipart/x-byteranges</code>. As a workaround, if Apache + receives a <code>Request-Range</code> header it considers it + "higher priority" than a <code>Range</code> header and in + response uses <code>multipart/x-byteranges</code>.</p> + + <p>The Adobe Acrobat Reader plugin makes extensive use of + byteranges and prior to version 3.01 supports only the + <code>multipart/x-byterange</code> response. Unfortunately + there is no clue that it is the plugin making the request. If + the plugin is used with Navigator, the above workaround works + fine. But if the plugin is used with MSIE 3 (on Windows) the + workaround won't work because MSIE 3 doesn't give the + <code>Range-Request</code> clue that Navigator does. To + workaround this, Apache special cases "MSIE 3" in the + <code>User-Agent</code> and serves + <code>multipart/x-byteranges</code>. Note that the necessity + for this with MSIE 3 is actually due to the Acrobat plugin, not + due to the browser.</p> + + <p>Netscape Communicator appears to not issue the non-standard + <code>Request-Range</code> header. When an Acrobat plugin prior + to version 3.01 is used with it, it will not properly + understand byteranges. The user must upgrade their Acrobat + reader to 3.01.</p> + + <h3><a id="cookie-merge" + name="cookie-merge"><code>Set-Cookie</code> header is + unmergeable</a></h3> + + <p>The HTTP specifications say that it is legal to merge + headers with duplicate names into one (separated by commas). + Some browsers that support Cookies don't like merged headers + and prefer that each <code>Set-Cookie</code> header is sent + separately. When parsing the headers returned by a CGI, Apache + will explicitly avoid merging any <code>Set-Cookie</code> + headers.</p> + + <h3><a id="gif89-expires" + name="gif89-expires"><code>Expires</code> headers and GIF89A + animations</a></h3> + + <p>Navigator versions 2 through 4 will erroneously re-request + GIF89A animations on each loop of the animation if the first + response included an <code>Expires</code> header. This happens + regardless of how far in the future the expiry time is set. + There is no workaround supplied with Apache, however there are + hacks for <a + href="http://arctic.org/~dean/patches/apache-1.2-gif89-expires-hack.patch"> + 1.2</a> and for <a + href="http://arctic.org/~dean/patches/apache-1.3-gif89-expires-hack.patch"> + 1.3</a>.</p> + + <h3><a id="no-content-length" + name="no-content-length"><code>POST</code> without + <code>Content-Length</code></a></h3> + + <p>In certain situations Navigator 3.01 through 3.03 appear to + incorrectly issue a POST without the request body. There is no + known workaround. It has been fixed in Navigator 3.04, + Netscapes provides some <a + href="http://help.netscape.com/kb/client/971014-42.html">information</a>. + There's also <a + href="http://arctic.org/~dean/apache/no-content-length/"> + some information</a> about the actual problem.</p> + + <h3><a id="jdk-12-bugs" name="jdk-12-bugs">JDK 1.2 betas lose + parts of responses.</a></h3> + + <p>The http client in the JDK1.2beta2 and beta3 will throw away + the first part of the response body when both the headers and + the first part of the body are sent in the same network packet + AND keep-alive's are being used. If either condition is not met + then it works fine.</p> + + <p>See also Bug-ID's 4124329 and 4125538 at the java developer + connection.</p> + + <p>If you are seeing this bug yourself, you can add the + following BrowserMatch directive to work around it:</p> + + <blockquote> + <code>BrowserMatch "Java1\.2beta[23]" nokeepalive</code> + </blockquote> + + <p>We don't advocate this though since bending over backwards + for beta software is usually not a good idea; ideally it gets + fixed, new betas or a final release comes out, and no one uses + the broken old software anymore. In theory.</p> + + <h3><a id="content-type-persistence" + name="content-type-persistence"><code>Content-Type</code> + change is not noticed after reload</a></h3> + + <p>Navigator (all versions?) will cache the + <code>content-type</code> for an object "forever". Using reload + or shift-reload will not cause Navigator to notice a + <code>content-type</code> change. The only work-around is for + the user to flush their caches (memory and disk). By way of an + example, some folks may be using an old <code>mime.types</code> + file which does not map <code>.htm</code> to + <code>text/html</code>, in this case Apache will default to + sending <code>text/plain</code>. If the user requests the page + and it is served as <code>text/plain</code>. After the admin + fixes the server, the user will have to flush their caches + before the object will be shown with the correct + <code>text/html</code> type.</p> + + <h3><a id="msie-cookie-y2k" name="msie-cookie-y2k">MSIE Cookie + problem with expiry date in the year 2000</a></h3> + + <p>MSIE versions 3.00 and 3.02 (without the Y2K patch) do not + handle cookie expiry dates in the year 2000 properly. Years + after 2000 and before 2000 work fine. This is fixed in IE4.01 + service pack 1, and in the Y2K patch for IE3.02. Users should + avoid using expiry dates in the year 2000.</p> + + <h3><a id="lynx-negotiate-trans" + name="lynx-negotiate-trans">Lynx incorrectly asking for + transparent content negotiation</a></h3> + + <p>The Lynx browser versions 2.7 and 2.8 send a "negotiate: + trans" header in their requests, which is an indication the + browser supports transparent content negotiation (TCN). However + the browser does not support TCN. As of version 1.3.4, Apache + supports TCN, and this causes problems with these versions of + Lynx. As a workaround future versions of Apache will ignore + this header when sent by the Lynx client.</p> + + <h3><a id="ie40-vary" name="ie40-vary">MSIE 4.0 mishandles Vary + response header</a></h3> + + <p>MSIE 4.0 does not handle a Vary header properly. The Vary + header is generated by mod_rewrite in apache 1.3. The result is + an error from MSIE saying it cannot download the requested + file. There are more details in <a + href="http://bugs.apache.org/index/full/4118">PR#4118</a>.</p> + + <p>A workaround is to add the following to your server's + configuration files:</p> +<pre> + BrowserMatch "MSIE 4\.0" force-no-vary +</pre> + + <p>(This workaround is only available with releases + <strong>after</strong> 1.3.6 of the Apache Web server.)</p> + <!--#include virtual="footer.html" --> + </body> +</html> + |