Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Missing POST Parameters with proxy servers

Tags:

proxy

http-post

we encounter some strange behaviour with our web application. Some POST requests do not have any http body, when they should. content-length is 0. There are no post parameters at all. We traced the network traffic at our loadbalancer and we see that we do not get any request body with some of our POST requests.

All broken POST requests have in common that they arrive via a proxy server.

We already found this question on SO: Why "Content-Length: 0" in POST requests?

We are now using a frame escape javascript routine and it helps a bit. It seems that error rate drops. But we still have POST requests with no data which should never happen in our webapp. These requests does not come from hackers or alike.

Often we saw webwasher as a proxy. But most of the time we do not see which proxy is used.

In this PDF we saw a comment about missing POST parameters with webwasher

WebWasher - Transparent Authentication Guide

Notes on Some Pitfalls

Note that there are some pitfalls that must be taken into account when setting up transparent authentication:

POST requests will fail if the ICAP server sends an redirect to the authentication server. This affects, however, only the renewal of the mapping since for the browser the request was successful, and the POST body will not be sent again after the final redirect.

We would like to know if there is some workaround other than using only GET instead of POST. We would also here if other sites had problems with missing POST data and which conclusion they made.

Are there any other reasons why POST data is not sent?

like image 326
Janning Avatar asked Apr 01 '11 14:04

Janning

1 Answers

I've had issues with Microsoft's proxy server not playing well with web requests.

I've had to resort to forcing HTTP/1.0 and setting the KeepAlive property to false.

There's something about the way NTLM authentication works that causes the body to be sent sporadically.

I've added this to many of my web requests

protected override WebRequest GetWebRequest(Uri uri)
{
    HttpWebRequest webRequest = (HttpWebRequest) base.GetWebRequest(uri);

    webRequest.KeepAlive = false;
    webRequest.ProtocolVersion=HttpVersion.Version10;
    return webRequest;
}

Hope this helps!

like image 101
Brad Bruce Avatar answered Oct 27 '22 04:10

Brad Bruce
Sign in to Comment

Related questions

Method-missing difficulties in C# 4.0: dynamic vs RealProxy
Node http-proxy-middleware not working with local servers as targert
How can I configure HTTPClient to authenticate against a SOCKS proxy?
How to create proxy in java
Proxy With Java URLConnection class
Using C# Service Reference with Proxy
Nginx proxy and remove proxy_pass prefix
How to use dart to implement a delegate/proxy?
Volley behind a proxy server
How can i set proxy with authentication in selenium chrome web driver using python
Show a custom 503 page if upstream is down
How to make Git only ask password when push to remote repository
CocoaPods setup too slow, how to set proxy in terminal
How do I use my server as a proxy to download files via PHP?
Git clone error "HTTP code 504 from proxy after CONNECT"

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!