Package: libapache2-mod-xsendfile
Version: 0.12-2
Severity: normal
Dear Maintainer,
Using libapache2-mod-xsendfile while mod_http2 and mpm_event enabled leads to
network errors in browsers (Firefox 65.0.1 and Chromium 73.0.3683.75) when
larges files (> 50 Mb) are used for X-Sendfile header in a php file.
There is no logs at all server side (Apache2 or System) but browser failed
(Chromium trigger a 'network error').
There is no exact size limit to trigger the issue. It's not even constant in
time for a given browser, but I never achieved to make it work for files sizes
> 100 Mb.
The problem disappear as soon mod_http2 is disabled.
I know that mod_xsendfile is no more maintened since years and is not an
official apache module, but it seems that it is unsafe to use it with HTTP/2
enabled.
Best regards
-- System Information:
Debian Release: 9.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libapache2-mod-xsendfile depends on:
ii apache2-bin [apache2-api-20120211] 2.4.25-3+deb9u6
ii libc6 2.24-11+deb9u4
libapache2-mod-xsendfile recommends no packages.
libapache2-mod-xsendfile suggests no packages.
-- no debconf information