https://issues.apache.org/bugzilla/show_bug.cgi?id=53281
--- Comment #17 from saurabh <saurabhsul...@yahoo.co.in> --- (In reply to Konstantin Preißer from comment #14) > (In reply to saurabh from comment #12) > > Created attachment 30912 [details] > > HTTP 0.9 response from the server > > > > I tried the identical steps that have been provided and the browser receives > > garbage value with HTTP/0.9 response. I've attached the Live HTTP headers > > capture of the same. > > Just because some Browser Add-on reports a "HTTP/0.9 200 OK" response it > doesn't necessarily mean that this is what Tomcat is actually sending > (otherwise you should have seen that response when you are connecting with > telnet. > > My guess would be that the add-on (or even the browser) is trying to > interpret SSL bytes as plain HTTP response, and because it fails, displayes > some "HTTP/0.9" response. > > I verified this by setting up Tomcat 6.0.37 with a SSL connector using JSSE, > and downloadeding the Live HTTP headers addon for Firefox. I use a tool to > intercept the TCP connections and record the exact data packets that were > sent. > > I then opened the URL "http://localhost:8443/" with Firefox. This is what > was sent from Firefox to Tomcat (309 bytes): > > 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A GET / HTTP/1.1.. > 48 6F 73 74 3A 20 6C 6F 63 61 6C 68 6F 73 74 3A Host: localhost: > 38 34 34 33 0D 0A 55 73 65 72 2D 41 67 65 6E 74 8443..User-Agent > 3A 20 4D 6F 7A 69 6C 6C 61 2F 35 2E 30 20 28 57 : Mozilla/5.0 (W > 69 6E 64 6F 77 73 20 4E 54 20 36 2E 33 3B 20 57 indows NT 6.3; W > 4F 57 36 34 3B 20 72 76 3A 32 34 2E 30 29 20 47 OW64; rv:24.0) G > 65 63 6B 6F 2F 32 30 31 30 30 31 30 31 20 46 69 ecko/20100101 Fi > 72 65 66 6F 78 2F 32 34 2E 30 0D 0A 41 63 63 65 refox/24.0..Acce > 70 74 3A 20 74 65 78 74 2F 68 74 6D 6C 2C 61 70 pt: text/html,ap > 70 6C 69 63 61 74 69 6F 6E 2F 78 68 74 6D 6C 2B plication/xhtml+ > 78 6D 6C 2C 61 70 70 6C 69 63 61 74 69 6F 6E 2F xml,application/ > 78 6D 6C 3B 71 3D 30 2E 39 2C 2A 2F 2A 3B 71 3D xml;q=0.9,*/*;q= > 30 2E 38 0D 0A 41 63 63 65 70 74 2D 4C 61 6E 67 0.8..Accept-Lang > 75 61 67 65 3A 20 64 65 2D 64 65 2C 64 65 3B 71 uage: de-de,de;q > 3D 30 2E 38 2C 65 6E 2D 75 73 3B 71 3D 30 2E 35 =0.8,en-us;q=0.5 > 2C 65 6E 3B 71 3D 30 2E 33 0D 0A 41 63 63 65 70 ,en;q=0.3..Accep > 74 2D 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 t-Encoding: gzip > 2C 20 64 65 66 6C 61 74 65 0D 0A 43 6F 6E 6E 65 , deflate..Conne > 63 74 69 6F 6E 3A 20 6B 65 65 70 2D 61 6C 69 76 ction: keep-aliv > 65 0D 0A 0D 0A e.... > > > This is what Tomcat responded (7 bytes): > 15 03 01 00 02 02 0A ....... > (Connection closed) > > > This is what Live HTTP headers reported: > > http://localhost:8443/ > > GET / HTTP/1.1 > Host: localhost:8443 > User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 > Firefox/24.0 > Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 > Accept-Encoding: gzip, deflate > Connection: keep-alive > > HTTP/0.9 200 OK > ---------------------------------------------------------- > > > As you can see, Tomcat didn't returin anything like "HTTP/0.9 200 OK" plain > text in its SSL response although Live HTTP Headers reports this. Instead it > sends some some SSL reply (though I do not have examined what kind of reply > it is), since actually you are sending some garbage to a SSL connector here. > > If Tomcat could be enhanced to recognize a erroneously sent plain HTTP > request to a HTTPS/SSL connector (like HTTPD does) is another question. I tried to figure out the SSL bytes --> 15 03 01 00 02 02 0A using the following link: http://pic.dhe.ibm.com/infocenter/tpfhelp/current/index.jsp?topic=%2Fcom.ibm.ztpf-ztpfdf.doc_put.cur%2Fgtps5%2Fs5rcd.html This is what I think those bytes mean: 0x15 --> SSL3_RT_ALERT 0x03 0x01 --> TLS1_VERSION 0x00 0x02 --> Length of data in the record (excluding the header itself) 0x02 --> SSL3_MT_SERVER_HELLO or SSL3_AL_FATAL 0x0A --> SSL3_AD_UNEXPECTED_MESSAGE -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org