[squid-users] Squid error with "WARNING: HTTP header contains NULL characters"

From: Sam Klinger <fire.fox005_at_gmail.com>
Date: Wed, 27 Apr 2011 12:04:23 -0500

Steps to reproduce:
1. Go to
http://sourceforge.net/projects/sarg/files/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz/download
2. Attempt to download
3. Squid will display error page saying "The requested URL could not be
retrieved" and "The HTTP Response message received from the contacted
server could not be understood or was otherwise malformed. Please
contact the site operator."

cache.log contains the error below:
2011/04/27 11:53:25| WARNING: HTTP: Invalid Response: Bad header
encountered from
http://downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1
AKA
downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1
2011/04/27 11:53:25| ctx: enter level 0:
'http://downloads.sourceforge.net/project/sarg/sarg/sarg-2.3.1/sarg-2.3.1.tar.gz?r=&ts=1303923196&use_mirror=cdnetworks-us-1'
2011/04/27 11:53:25| WARNING: HTTP header contains NULL characters
{Access-Control-Allow-Origin: *
X-Powered-By: PHP/5.2.9
Content-Disposition: attachment; filename="sarg-2.3.1.tar.gz}
NULL
{Access-Control-Allow-Origin: *
X-Powered-By: PHP/5.2.9
Content-Disposition: attachment; filename="sarg-2.3.1.tar.gz
2011/04/27 11:53:25| ctx: exit level 0

Here is a squid -v
Squid Cache: Version 3.1.12.1
configure options: 'CHOST=i686-pc-linux-gnu' 'CFLAGS=-march=prescott
-O2 -pipe -fomit-frame-pointer' 'CXXFLAGS=' '--prefix=/usr'
'--includedir=/include' '--mandir=/share/man' '--infodir=/share/info'
'--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=/lib/squid3'
'--disable-maintainer-mode' '--disable-dependency-tracking'
'--disable-silent-rules' '--srcdir=.' '--datadir=/usr/share/squid3'
'--sysconfdir=/etc/squid3' '--mandir=/usr/share/man' '--enable-inline'
'--enable-async-io=8' '--with-cppunit-basedir=/usr'
'--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=heap'
'--enable-delay-pools' '--enable-cache-digests' '--enable-icap-client'
'--enable-underscore' '--enable-follow-x-forwarded-for'
'--enable-auth=basic,digest,ntlm,negotiate'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,YP,getpwnam,multi-domain-NTLM'
'--enable-digest-auth-helpers=ldap,password'
'--enable-negotiate-auth-helpers=squid_kerb_auth'
'--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group'
'--enable-snmp' '--enable-epoll'
'--with-large-files--with-filedescriptors=65536' '--enable-arp-acl'
'--enable-zph-qos' '--enable-esi' '--with-logdir=/var/log/squid3'
'--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536'
'--with-large-files' '--enable-linux-netfilter'
'--with-default-user=proxy' --with-squid=/opt/squid-3.1.12.1

Sourceforge is not the only website that does it, not all websites do
it, but some. So far all affected websites have been affected in the
header line "Content-Disposition".

I also have wireshark captures from a machine running outside squid
and one running inside. Any help with this issue would be appreciated.
Thank you.
Received on Wed Apr 27 2011 - 17:04:30 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 28 2011 - 12:00:03 MDT