Hello all! In last weeks I've started encountering a problem, that for our particular use-case is seriously breaking some of our sites, namely:
* a client makes a POST request which has a "largish" payload, one that does not manage to "push" it through before HAProxy has a chance to respond, * if HAProxy is configured to redirect such a request (like for example upgrading HTTP to HTTPS), * then HAProxy responds with the redirect, and closes the connection; but the client has not yet been able to push its POST body and receives a write error, and thus it aborts without trying to read the response from HAProxy; One can easily reproduce this with: ( printf -- 'POST /invalid HTTP/1.1\r\nHost: invalid.example.com\r\n\r\n' dd if=/dev/urandom bs=1024 count=4 | base64 ) \ | socat -d -d -v tcp:127.0.0.1:80,sndbuf=16 stdio , which results in a connection reset, as `socat` is trying to push data to a closed socket. (Via private email I can give an actual `tcpdump` capture with production data.) Unfortunately this issue doesn't impact a "random" client but recent versions of Firefox and Chrome, which just display a "connection reset" kind of message to the users. I've tried searching for a similar problem, and found this: http://haproxy.formilux.narkive.com/9xhXJk4f/redirecting-on-a-large-post-without-reading-it-entirely http://haproxy.formilux.narkive.com/gYztlqms/fwd-302-to-502-error But it's not clear to me if these issues were fixed since almost 8 years ago, or how should I proceed in solving this issue myself. (I'm open to applying patches and re-compiling HAProxy.) Increasing `tune.bufsize` to 128k doesn't seem to help either. Thanks, Ciprian.
