Hi, On Thu, Jul 30, 2020 at 5:54 PM Travis Spencer <[email protected]> wrote: > > On Thu, Jul 30, 2020 at 4:33 PM Simone Bordet <[email protected]> wrote: > > > > Hi, > > Hey, Simone. Thanks for bearing with me even though my message was so > confusing. Let me try to clarify. > > > On Thu, Jul 30, 2020 at 11:47 AM Travis Spencer > > <[email protected]> wrote: > > > > > > We are trying to add H2 support to our server that embeds Jetty. This > > > works perfectly except in the case where we proxy to downstream > > > services. For a couple routes, we forward to an HTTP (not HTTPS) > > > server and a server that doesn't support H2. In these cases, the proxy > > > request fails since non-SSL with H2 isn't supported by the one origin > > > server and the other only accepts 1.1. > > > > > > So, my question is, how in our AsyncProxyServlet subclass should we > > > specify that the proxy requests should use HTTP 1.1 and not H2? ATM, > > > the proxied request seems to always use whatever version the client > > > used when communicating with the proxy servlet. > > > > I am not sure I understand. > > A picture's worth a 1000 words, so here's a diagram: > > +-----------------------------+ > | | > | +--------------------+ | > H2 for various | | | | > non-proxied cases| | | | > +-------------+ Jetty Web server | | > | | | | > +-----------------+ > | | | | HTTP 1.1 | > | > | +--------------------+ | without SSL | > Origin | > H2 that proxies | | +-------+ > server | > to an HTTP 1.1 | +--------------------+ | ^ | > 1 | > server without | | | | | > +-----------------+ > SSL +-------------+ +---------------+ > | | Jetty Proxy Server | | > | | | | > +-------------+ +---------------+ > +-----------------+ > | +--------------------+ | v | > Origin | > H2 that proxies | | +-------+ > server | > to an HTTP 1.1 | Our Server | HTTP 1.1 | > 2 | > server with SSL | | with SSL | > | > +-----------------------------+ > +-----------------+ > > > > (In case the fonts get screwed up you can find a copy of that diagram here: > https://drive.google.com/file/d/1Ks8AsjeKHcSUyL7qVtjenkputtsqJZPZ/view?usp=sharing) > > > You have a server that is both a server (i.e. it answers requests > > directly) and a proxy (i.e. it uses AsyncProxyServlet to forward to > > other servers that only support HTTP/1.1). > > Yes, exactly. > > > AsyncProxyServlet will create an instance of HttpClient with (by > > default) the HTTP/1.1 transport. > > So every proxied request will be sent as HTTP/1.1. > > > > Therefore it is already the case that all proxied requests use HTTP/1.1. > > That's not what I'm seeing, in the logs at least. I think the logged info is > correct too because the origin servers (both of them) are giving me errors, > and the only thing I've changed is H2 support on the proxy. > > > > When access the downstream HTTP 1.1 server, the client and proxy > > > request looks like this: > > > > > > MyGoodTransparentProxyServlet:70 474713221 rewriting: > > > https://localhost:5555/mygood-api -> > > > https://remote.example.com:443/some-other-good-api > > > > Uh? You said the other server was not using HTTPS? > > One is HTTP and one is HTTPS. > > > > HttpRequest[GET /some-other-good-api HTTP/2.0]@8c22593 > > See, Simone, how the proxy uses H2 as well and not 1.1?
That does not mean the request is sent using HTTP/2. The HTTP version is copied from the incoming request, which in your case is HTTP/2. But it is sent as HTTP/1.1 on the wire and that may confuse your server. Override AsyncProxyServlet.copyRequestHeaders() or addProxyHeaders() to customize the proxy request, and force version(HttpVersion.HTTP_1_1). Please file an issue about this, we should do a bit better here. > Here's an example of the default Via that's created when my subclass calls > org.eclipse.jetty.proxy.AbstractProxyServlet#addProxyHeaders: > > Via: http/1.1 null > > The http/1.1 is hardcoded (which is wrong IINM, since I connected via H2) and > the host is not a pseudonym and not the actual host. I don't know where this comes from. viaHost is configured in AbstractProxyServlet.init() and is never null (see method viaHost()). The "http/1.1" is hardcoded in addViaHeader(), but you can override the method. Please file an issue about this as well, as we should remove the hardcoded "http/1.1" from the Via header. Thanks! -- Simone Bordet ---- http://cometd.org http://webtide.com Developer advice, training, services and support from the Jetty & CometD experts. _______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
