Location header is set on HTTP 200
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Fix Released
|
Undecided
|
Dave Walker |
Bug Description
Glance seems to be setting the http header of Location, when no redirect is intended. The contents of the Location field are equal to that of the request.
I haven't been able to work out the reasoning of this, but it has extended consqences of some webstacks and proxies seeing the Location field, and turning it into a 302 (which glanceclient et al then follows, causing a redirect loop).
Is this Location field used for anything meaningful?
To contrast, another Project has seen similar behavior here:
http://
Their interpenetration of RFC 2616 §14.30 is such that Glance's behavior is incompatible with the RFC.
As example:
From Glance running directly:
$ curl -i -X HEAD -H 'X-Auth-Token: a2dbc60c0b76415
t-stream' -H 'User-Agent: python-
646d20f6ee4c
HTTP/1.0 200 OK
Date: Fri, 28 Mar 2014 12:52:40 GMT
Server: WSGIServer/0.1 Python/2.7.3
Content-Type: text/html; charset=UTF-8
Content-Length: 0
x-image-
x-image-meta-id: 2db2f647-
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-meta-size: 25165824
x-image-
x-image-
x-image-
x-image-
x-image-meta-owner: e72df10b1afb49d
x-image-
x-image-
x-image-meta-name: cirros-
Location: http://{REDACTED}
ETag: f8a2eeee2dc65b3
x-openstack-
From Glance running behind apache+fcgid+flup:
$ curl -i \
> -X HEAD \
> -H 'X-Auth-Token: a2dbc60c0b76415
> -H 'Content-Type: application/
> -H 'User-Agent: python-
HTTP/1.1 302 Found
Date: Fri, 28 Mar 2014 12:58:28 GMT
Server: Apache
X-MS-Unique-Id: UzVx9ArGan4AACO
x-image-
x-image-meta-id: 2db2f647-
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-meta-size: 25165824
x-image-
x-image-
x-image-
x-image-
x-image-meta-owner: e72df10b1afb49d
x-image-
x-image-
x-image-meta-name: cirros-
ETag: f8a2eeee2dc65b3
x-openstack-
Location: http://{REDACTED}
Content-Type: text/html; charset=iso-8859-1
Changed in glance: | |
assignee: | nobody → Dave Walker (davewalker) |
status: | New → In Progress |
Changed in glance: | |
milestone: | none → juno-1 |
status: | Fix Committed → Fix Released |
Changed in glance: | |
milestone: | juno-1 → 2014.2 |
"The Location header specifies a redirect. There are two kinds. If the Location value is a full URL (e.g. http:// www.fastcgi. com/servers/ apache), the effect is to generate an HTTP 302 response. If the Location value is an absolute path (e.g. /servers/apache), the effect is to execute a recursive request for that path within the server, and return the response of that request. The Status and Location headers are mutually exclusive." www.fastcgi. com/om_ archive/ servers/ apache/ apache- fastcgi/ mod_fastcgi. html
-- http://