Actually, I saw that notice and tried Tomcat 7.0.12, but saw the same behaviour. I should have mentioned that before. So, I think this is a different issue.
- Chris On April 13, 2011 07:27:51 am André Warnier wrote: > Hi. > > An earlier message to this list [[SECURITY] CVE-2011-1475 Apache Tomcat > information > disclosure] /may/ have something to do with this. > (It talks only about the HTTP connector, but also about content mixup with > async requests, > so maybe there is a link) > > Chris Dumoulin wrote: > > I'm seeing an intermittent problem with my webapp where a request is sent > > and the response contains 8184 bytes from some other response followed by > > the correct response. > > > > The setup being used is Nginx 0.8.54 reverse proxying to Tomcat 7.0.11. > > AJP is the protocol between Nginx and Tomcat. > > The webapp in Tomcat is doing Servlet 3.0 async requests. > > > > This issue is extremely difficult to reproduce and at this point I'm not > > sure if the problem is in the webapp, Tomcat, or Nginx. > > I know that 8184 bytes is the size of an AJP packet, and in Tomcat's > > org.apache.catalina.connector.Response, I see the following code: > > > > if("AJP/1.3".equals(connector.getProtocol())) { > > // default size to size of one ajp-packet > > outputBuffer = new OutputBuffer(8184); > > } > > > > So, right now I'm following the theory that something is being reused in > > Tomcat without having been properly completed or recycled. Obviously it's > > most likely that this is an application bug. > > > > Does anyone have any ideas about what kind of problem in the application > > could cause this behaviour, or other ideas about what the cause might be? > > > > Thanks, > > Chris > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org