400 bad requests now returning http headers? ( crossdomain.xml )

Hi,

I’m using Nginx to serve a file called crossdomain.xml, that file is
used by
Flash client to allow socket crossdomain Policy. It’s a trick that many
people are using instead of having a dedicated app to server that file.
The
trick is to return that xml file when nginx get a bad request. Since a
recent version ( 1.4.7+ ) it seems that a bad request replies include
HTTP
headers and therefore breaking the Flash client ( instead of returning
only
the data without headers ). Is there a way to remove those headers? Also
I
searched in the changelog and didn’t find any hints about that change?

Example: perl -e ‘printf “%c”,0’ | nc test.com 843

HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 10 Jun 2014 18:44:00 GMT
Content-Type: text/xml
Content-Length: 308
Connection: close
ETag: “5385f727-134”

<?xml version="1.0"?>

Regards,

Posted at Nginx Forum:

Hello!

On Tue, Jun 10, 2014 at 02:49:58PM -0400, Thaxll wrote:

Hi,

I’m using Nginx to serve a file called crossdomain.xml, that file is used by
Flash client to allow socket crossdomain Policy. It’s a trick that many
people are using instead of having a dedicated app to server that file. The
trick is to return that xml file when nginx get a bad request. Since a
recent version ( 1.4.7+ ) it seems that a bad request replies include HTTP
headers and therefore breaking the Flash client ( instead of returning only
the data without headers ). Is there a way to remove those headers? Also I
searched in the changelog and didn’t find any hints about that change?

Quote from http://nginx.org/en/CHANGES, changes with nginx 1.5.5:

*) Change: now nginx assumes HTTP/1.0 by default if it is not able 

to
detect protocol reliably.


Maxim D.
http://nginx.org/

Hi Maxim,

Thank you for the quick reply, I guess there is no workaround for that
problem? It isn’t possible to remove headers or specify a dummy protocol
for
Nginx?

Thank you,

Posted at Nginx Forum:

Hello!

On Tue, Jun 10, 2014 at 04:07:28PM -0400, Thaxll wrote:

Hi Maxim,

Thank you for the quick reply, I guess there is no workaround for that
problem? It isn’t possible to remove headers or specify a dummy protocol for
Nginx?

I don’t think there is anything that can be done at the
configuration level. On the other hand, it should be more or less
trivial to write a module to force nginx to think the protocol was
HTTP/0.9 and to respond accordingly.


Maxim D.
http://nginx.org/

Maxim D. Wrote:

Nginx?


nginx mailing list
[email protected]
nginx Info Page

Found a one solution Max?

Posted at Nginx Forum: