  1. Solr
  2. SOLR-14898

Proxied/Forwarded requests to other nodes wind up getting duplicate response headers


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.6.3
    • Component/s: None
    • Labels: None

      Description

      When Solr receives a request for a collection not hosted on the current node, HttpSolrCall forwards/proxies that request - but the final response for the client can include duplicate response headers - one header from the remote node that ultimately handled the request, and a second copy of the header added by the current node...

      # create a simple 2 node cluster...
      $ ./bin/solr -e cloud -noprompt
      # ...
      
      $ curl 'http://localhost:8983/solr/admin/collections?action=CREATE&name=solo&numShards=1&nrtReplicas=1'
      # ...
      
      # node 8983 is the node currently hosting the only replica of the 'solo' collection, and responds to requests directly...
      #
      $ curl -S -s -D - -o /dev/null http://localhost:8983/solr/solo/select
      HTTP/1.1 200 OK
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Type: application/json;charset=utf-8
      Content-Length: 169
      
      # node 7574 does not host a replica, and forwards requests for it to 8983
      # the response the client gets from 7574 has several security related headers duplicated...
      #
      $ curl -S -s -D - -o /dev/null http://localhost:7574/solr/solo/select
      HTTP/1.1 200 OK
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Type: application/json;charset=utf-8
      Content-Length: 197
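
As an added example (not part of the original report and not Solr code), this shell function reads a `curl -D -` header dump like the two above and lists header names repeated within one response. The sample dumps are constructed from the output shown in the report with the CSP value shortened, and skipping `Set-Cookie` is an assumption, since that header may legitimately repeat.

```shell
# Added example, not Solr code: list header names that occur more than once
# within one response header block of a `curl -D -` dump read from stdin.
dup_headers() {
    awk '
        function report(   n) {
            for (n in count) if (count[n] > 1) print n " x" count[n]
            split("", count)                 # reset for the next block
        }
        { sub(/\r$/, "") }                   # HTTP header lines end in CRLF
        /^HTTP\// { report(); next }         # status line starts a new block
        {
            i = index($0, ":")
            if (i < 2) next                  # blank or malformed line
            name = tolower(substr($0, 1, i - 1))   # names are case-insensitive
            if (name != "set-cookie") count[name]++ # assumption: may repeat
        }
        END { report() }
    ' | LC_ALL=C sort
}
# Constructed samples modelled on the report's two responses (CSP shortened).
sample_direct() {
    cat <<'EOF'
HTTP/1.1 200 OK
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Type: application/json;charset=utf-8
Content-Length: 169
EOF
}
sample_forwarded() {
    cat <<'EOF'
HTTP/1.1 200 OK
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Type: application/json;charset=utf-8
Content-Length: 197
EOF
}
sample_forwarded | dup_headers
```

Against a live node, pipe the report's own command into it: `curl -S -s -D - -o /dev/null http://localhost:7574/solr/solo/select | dup_headers`. Empty output means no header name was repeated.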
      
      

            People

            • Assignee: hossman Chris M. Hostetter
            • Reporter: hossman Chris M. Hostetter
