Status 400: Invalid charactor in header name: 'X-ForProto -Proto'

#1
Hi all!

I've just noticed an anomaly, but I can't find the cause.

On a web server that's been running for quite some time without any problems, I've just switched to openlitespeed 1.7.18.

I now get the error :
Bash:
Status 400: Invalid charactor in header name: 'X-ForProto -Proto'
Whereas if I downgrade to version 1.7.17 I don't get this anomaly.

A search on the forum gives me the impression that I'm the only one with this problem.

Upstream I have a nginx proxy under docker (nginx proxy manager) running on the latest version.

I really can't figure it out, so for the moment I'm leaving it on opls 1.7.17, but I'd like an explanation or even a solution.

Does anyone have any idea where to look?

Any help would be appreciated, thanks in advance :)
 
#3
@popallo
The header syntax looks incorrect to me, is it possible to share the site link or response header of the X-For part?
Hi @Cold-Egg and thx for your help.

I just sent you the website address in PM.

And as mentioned, I have other sites, under laravel or otherwise, which are on cloudflare or not, and on which the malfunction is identical.

It is possible that the origin of the problem comes from the nginx proxy (nginx proxy manager) but I don't understand why it works perfectly on the 1.7.17 version of opls.

And small clarification, I also have access to the administration panel on version 1.7.17 while on version 1.7.18 I also find myself with the error concerning "X-ForProto -Proto".

Could this be an accidentally added check on version 1.7.18 that would be too strict?
 
#4
Hi!

Finally someone of litespeed team help me in github and find that the problem was on "nginx proxy":
https://github.com/litespeedtech/openlitespeed/issues/362

OK, I see what is wrong. I think nginx proxy must be configured also send X-Forwarded-scheme: https in addition to X-Forwarded-proto: https, just drop X-Forwarded-scheme: https should fix this. do not need to have both.
And indeed, once X-Forwarded-scheme is removed, it works like a charm!

And indeed, once X-Forwarded-scheme is removed, it works like a charm!
 
Top