Bug #91582
closed
Fetching an internal page as 404 content breaks browser output and CDNs
100%
Description
Defining the error handling in the site configuration like this
errorHandling:
- errorCode: '404'
errorHandler: Page
errorContentSource: 't3://page?uid=27'
causes a "connection failed" in Chromium based browsers. CDNs like Cloudflare even start repeating the request relatively fast (multiple times per second) ending in a 502 status code.
The problem drills down to the headers being received/sent when requesting the internal error page (27 above).
This request might deliver a "Transfer-Encoding: chunked" header.
Since the whole response of the sub-request is passed on as response to the initial request, also the headers from the sub-request are passed on.
This is may lead to problems, as the initial request may have another context than the internal sub-request.
In this case the "Transfer-Encoding" is not the same for the internal and the initial request. The actual webserver has to take care about settings this header correctly.
Fixing this issue, by removing this specific header from the sub-response, mitigates the problem and properly shows the 404 error page correctly, immediately and foremost without DoS-ing the server by the CDN.
Files
Updated by 
Updated by 
Updated by 