OPNsense Forum
Archive => 21.1 Legacy Series => Topic started by: gpb on July 09, 2021, 07:17:27 pm
-
Logging into to the webui, I get in large type the message "411 Length Required" (same in both firefox and chrome). Thought maybe updating to the hotfix (21.1.8_1) might correct it, but did not. I restarted the webui and that also did not work. Checking if lighttpd is running it apparently is as it returns a process ID using pgrep lighttpd.
Any suggestions?
Edit: I can access from an ipad...there's no cert installed there.
Edit: OK, this appears related to Bitdefender, disabling it allows it to work. Disabling protection on bf and re-enabling solved the problem.
-
Glad you identified the actual culprit.
FYI: various gateway protocols (e.g. CGI, FastCGI, SCGI, ...) require CONTENT_LENGTH. If lighttpd is configured to stream the request body using a non-zero value, e.g. server.stream-request-body = 1
, then lighttpd will return "411 Length Required" for requests containing a request body which do not provide Content-Length in the request headers (when lighttpd is required to provide CONTENT_LENGTH to backend protocols).
However, if request body streaming is disabled in lighttpd.conf (the default if not specified) server.stream-request-body = 0
, then lighttpd will collect the request body -- by decoding Transfer-Encoding: chunked (HTTP/1.1) or collecting DATA frames (HTTP/2) -- and lighttpd will set CONTENT_LENGTH for the backends.
Therefore, a workaround is to set server.stream-request-body = 0
if intermediaries impolitely modify requests to remove Content-Length.
-
Good info, thanks. :)