Page MenuHomePhabricator
Create Task
Maniphest T9553

www.googleapis.com refuses GET with Content-Length
Closed, WontfixPublic
Actions

Description

When a user is authenticating with its Google account, the following error can be observed:

[HTTP/400]
<!DOCTYPE html>
<html lang=en>
  <meta charset=utf-8>
  <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  <title>Error 400 (Bad Request)!!1</title>
  <style>
    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overf...

Query made by phabricator is the following:

GET /plus/v1/people/me?access_token=***MASKED*** HTTP/1.1
Host: www.googleapis.com
Accept: */*
Content-Length: 6
Content-Type: application/x-www-form-urlencoded

Content-Length is provided even if no body is present in the query. www.googleapis.com is not accepting it there is no HTTP body, which is conform with RFC 2616:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4

Messages MUST NOT include both a Content-Length header field and a non-identity transfer-coding. If the message does include a non- identity transfer-coding, the Content-Length MUST be ignored.

This can be observed on https://phab.enlightenment.org/auth/ today.

Related Objects

Event Timeline

beber created this task.Oct 12 2015, 11:34 PM
beber updated the task description. (Show Details)
beber added a project: libphutil.
beber added a subscriber: beber.
epriestley added a subscriber: epriestley.Oct 12 2015, 11:50 PM

Can you show me the output of these commands on the server?

Run this one anywhere:

anywhere/ $ php -r 'var_dump(curl_version());'

...and, from libphutil/:

libphutil/ $ git show
beber added a comment.Oct 13 2015, 12:27 AM
$ php -r 'var_dump(curl_version());'
array(9) {
  ["version_number"]=>
  int(469760)
  ["age"]=>
  int(3)
  ["features"]=>
  int(575005)
  ["ssl_version_number"]=>
  int(0)
  ["version"]=>
  string(6) "7.43.0"
  ["host"]=>
  string(19) "x86_64-pc-linux-gnu"
  ["ssl_version"]=>
  string(14) "OpenSSL/1.0.2d"
  ["libz_version"]=>
  string(5) "1.2.8"
  ["protocols"]=>
  array(16) {
    [0]=>
    string(4) "dict"
    [1]=>
    string(4) "file"
    [2]=>
    string(3) "ftp"
    [3]=>
    string(4) "ftps"
    [4]=>
    string(6) "gopher"
    [5]=>
    string(4) "http"
    [6]=>
    string(5) "https"
    [7]=>
    string(4) "imap"
    [8]=>
    string(5) "imaps"
    [9]=>
    string(4) "pop3"
    [10]=>
    string(5) "pop3s"
    [11]=>
    string(4) "rtsp"
    [12]=>
    string(4) "smtp"
    [13]=>
    string(5) "smtps"
    [14]=>
    string(6) "telnet"
    [15]=>
    string(4) "tftp"
  }
}
$ git show
commit 367fadac24f24b826820e2fadced34b21cfff9ef
Merge: 4348cea d0105f1
Author: epriestley <git@epriestley.com>
Date:   Sat Oct 3 05:09:03 2015 -0700

    (stable) Promote 2015 Week 40
epriestley added a comment.Oct 13 2015, 12:35 AM

You have a version of cURL which has a bug with Content-Length (see T8654 for discussion), but your version of libphutil should include a workaround, so I'm not sure what's up. I can't reproduce this problem on this server.

Maybe you haven't restarted apache/php-fpm after updating past rPHUe9fea5c64c0c?

beber added a comment.Oct 13 2015, 1:12 AM

Right .. with 7.42.1 it's now OK.

epriestley closed this task as Wontfix.Oct 18 2015, 2:41 PM
epriestley claimed this task.

I'm not sure why our workaround for this in rPHUe9fea5c64c0c wouldn't work for you, but it seems to work for other people so I'm going to chalk this up to something else in your environment until we see more reports.

Phabricator · Built by Phacility