Solr / SOLR-14898

Proxied/Forwarded requests to other nodes wind up getting duplicate response headers


Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • None
    • 8.6.3
    • None
    • None

    Description

      When Solr receives a request for a collection not hosted on the current node, HttpSolrCall forwards/proxies that request - but the final response for the client can include duplicate response headers - one header from the remote node that ultimately handled the request, and a second copy of the header added by the current node...

      # create a simple 2 node cluster...
      $ ./bin/solr -e cloud -noprompt
      # ...
      
      $ curl 'http://localhost:8983/solr/admin/collections?action=CREATE&name=solo&numShards=1&nrtReplicas=1'
      # ...
      
      # node 8983 is the node currently hosting the only replica of the 'solo' collection, and responds to requests directly...
      #
      $ curl -S -s -D - -o /dev/null http://localhost:8983/solr/solo/select
      HTTP/1.1 200 OK
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Type: application/json;charset=utf-8
      Content-Length: 169
      
      # node 7574 does not host a replica, and forwards requests for it to 8983
      # the response the client gets from 7574 has several security related headers duplicated...
      #
      $ curl -S -s -D - -o /dev/null http://localhost:7574/solr/solo/select
      HTTP/1.1 200 OK
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Security-Policy: default-src 'none'; base-uri 'none'; connect-src 'self'; form-action 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; worker-src 'self';
      X-Content-Type-Options: nosniff
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block
      Content-Type: application/json;charset=utf-8
      Content-Length: 197
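
A check for the symptom shown above, as an added example that is not part of the original issue or of Solr's code: `dup_headers` (a hypothetical helper name) reads a `curl -D -` header dump and reports each header name repeated in the final response, with its count and whether the repeated values agree. The sample input is constructed, modelled on the 7574 output above with the CSP value shortened.

```shell
# dup_headers: read raw response headers on stdin (e.g. from
#   curl -S -s -D - -o /dev/null http://localhost:7574/solr/solo/select)
# and print "name count same|differ" for every header repeated in the
# final response of the dump.
dup_headers() {
  awk '
    { sub(/\r$/, "") }                      # curl -D keeps CRLF line endings
    /^HTTP\// {                             # new status line: start over so only
      split("", count); split("", first)    # the last response in the dump counts
      split("", differ); next
    }
    {
      i = index($0, ":")
      if (i < 2) next                       # blank line or not "Name: value"
      name = tolower(substr($0, 1, i - 1))  # header names are case-insensitive
      value = substr($0, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", value)
      if (!(name in count)) { first[name] = value }
      else if (value != first[name]) { differ[name] = 1 }
      count[name]++
    }
    END {
      for (n in count) if (count[n] > 1)
        print n, count[n], ((n in differ) ? "differ" : "same")
    }
  ' | sort
}

# Constructed sample: shape of the forwarded response from node 7574.
sample_forwarded() {
  cat <<'EOF'
HTTP/1.1 200 OK
Content-Security-Policy: default-src 'none'; base-uri 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'none'; base-uri 'none'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Type: application/json;charset=utf-8
Content-Length: 197

EOF
}

sample_forwarded | dup_headers
```

Run against every node of a cluster, empty output means no header is repeated; a `differ` line marks a header whose copies carry different values.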
      
      


          People

            hossman Chris M. Hostetter
            hossman Chris M. Hostetter