1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
4<html xmlns="http://www.w3.org/1999/xhtml">
5  <head>
6    <meta name="generator" content="HTML Tidy, see www.w3.org" />
7
8    <title>Apache HTTP Server Project</title>
9  </head>
10  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
11
12  <body bgcolor="#FFFFFF" text="#000000" link="#0000FF"
13  vlink="#000080" alink="#FF0000">
14        <div align="CENTER">
15      <img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]" />
16
17      <h3>Apache HTTP Server Version 1.3</h3>
18    </div>
19
20
21    <h1 align="CENTER">Known Problems in Clients</h1>
22
23    <p>Over time the Apache Group has discovered or been notified
24    of problems with various clients which we have had to work
25    around, or explain. This document describes these problems and
26    the workarounds available. It's not arranged in any particular
27    order. Some familiarity with the standards is assumed, but not
28    necessary.</p>
29
30    <p>For brevity, <em>Navigator</em> will refer to Netscape's
31    Navigator product (which in later versions was renamed
32    "Communicator" and various other names), and <em>MSIE</em> will
33    refer to Microsoft's Internet Explorer product. All trademarks
34    and copyrights belong to their respective companies. We welcome
35    input from the various client authors to correct
36    inconsistencies in this paper, or to provide us with exact
37    version numbers where things are broken/fixed.</p>
38
39    <p>For reference, <a
40    href="ftp://ds.internic.net/rfc/rfc1945.txt">RFC1945</a>
41    defines HTTP/1.0, and <a
42    href="ftp://ds.internic.net/rfc/rfc2068.txt">RFC2068</a>
43    defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1
44    server (with an optional HTTP/1.0 proxy).</p>
45
46    <p>Various of these workarounds are triggered by environment
47    variables. The admin typically controls which are set, and for
48    which clients, by using <a
49    href="../mod/mod_setenvif.html">mod_setenvif</a>. Unless
50    otherwise noted all of these workarounds exist in versions 1.2
51    and later.</p>
52
53    <h3><a id="trailing-crlf" name="trailing-crlf">Trailing CRLF on
54    POSTs</a></h3>
55
56    <p>This is a legacy issue. The CERN webserver required
57    <code>POST</code> data to have an extra <code>CRLF</code>
58    following it. Thus many clients send an extra <code>CRLF</code>
59    that is not included in the <code>Content-Length</code> of the
60    request. Apache works around this problem by eating any empty
61    lines which appear before a request.</p>
62
63    <h3><a id="broken-keepalive" name="broken-keepalive">Broken
64    keepalive</a></h3>
65
66    <p>Various clients have had broken implementations of
67    <em>keepalive</em> (persistent connections). In particular the
68    Windows versions of Navigator 2.0 get very confused when the
69    server times out an idle connection. The workaround is present
70    in the default config files:</p>
71
72    <blockquote>
73      <code>BrowserMatch Mozilla/2 nokeepalive</code>
74    </blockquote>
75    Note that this matches some earlier versions of MSIE, which
76    began the practice of calling themselves <em>Mozilla</em> in
77    their user-agent strings just like Navigator.
78
79    <p>MSIE 4.0b2, which claims to support HTTP/1.1, does not
80    properly support keepalive when it is used on 301 or 302
81    (redirect) responses. Unfortunately Apache's
82    <code>nokeepalive</code> code prior to 1.2.2 would not work
83    with HTTP/1.1 clients. You must apply <a
84    href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch">
85    this patch</a> to version 1.2.1. Then add this to your
86    config:</p>
87
88    <blockquote>
89      <code>BrowserMatch "MSIE 4\.0b2;" nokeepalive</code>
90    </blockquote>
91
92    <h3><a id="force-response-1.0"
93    name="force-response-1.0">Incorrect interpretation of
94    <code>HTTP/1.1</code> in response</a></h3>
95
96    <p>To quote from section 3.1 of RFC1945:</p>
97
98    <blockquote>
99      HTTP uses a "&lt;MAJOR&gt;.&lt;MINOR&gt;" numbering scheme to
100      indicate versions of the protocol. The protocol versioning
101      policy is intended to allow the sender to indicate the format
102      of a message and its capacity for understanding further HTTP
103      communication, rather than the features obtained via that
104      communication.
105    </blockquote>
106    Since Apache is an HTTP/1.1 server, it indicates so as part of
107    its response. Many client authors mistakenly treat this part of
108    the response as an indication of the protocol that the response
109    is in, and then refuse to accept the response.
110
111    <p>The first major indication of this problem was with AOL's
112    proxy servers. When Apache 1.2 went into beta it was the first
113    wide-spread HTTP/1.1 server. After some discussion, AOL fixed
114    their proxies. In anticipation of similar problems, the
115    <code>force-response-1.0</code> environment variable was added
116    to Apache. When present Apache will indicate "HTTP/1.0" in
117    response to an HTTP/1.0 client, but will not in any other way
118    change the response.</p>
119
120    <p>The pre-1.1 Java Development Kit (JDK) that is used in many
121    clients (including Navigator 3.x and MSIE 3.x) exhibits this
122    problem. As do some of the early pre-releases of the 1.1 JDK.
123    We think it is fixed in the 1.1 JDK release. In any event the
124    workaround:</p>
125
126    <blockquote>
127      <code>BrowserMatch Java/1.0 force-response-1.0<br />
128       BrowserMatch JDK/1.0 force-response-1.0</code>
129    </blockquote>
130
131    <p>RealPlayer 4.0 from Progressive Networks also exhibits this
132    problem. However they have fixed it in version 4.01 of the
133    player, but version 4.01 uses the same <code>User-Agent</code>
134    as version 4.0. The workaround is still:</p>
135
136    <blockquote>
137      <code>BrowserMatch "RealPlayer 4.0" force-response-1.0</code>
138    </blockquote>
139
140    <h3><a id="msie4.0b2" name="msie4.0b2">Requests use HTTP/1.1
141    but responses must be in HTTP/1.0</a></h3>
142
143    <p>MSIE 4.0b2 has this problem. Its Java VM makes requests in
144    HTTP/1.1 format but the responses must be in HTTP/1.0 format
145    (in particular, it does not understand <em>chunked</em>
146    responses). The workaround is to fool Apache into believing the
147    request came in HTTP/1.0 format.</p>
148
149    <blockquote>
150      <code>BrowserMatch "MSIE 4\.0b2;" downgrade-1.0
151      force-response-1.0</code>
152    </blockquote>
153    This workaround is available in 1.2.2, and in a <a
154    href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch">
155    patch</a> against 1.2.1.
156
157    <h3><a id="257th-byte" name="257th-byte">Boundary problems with
158    header parsing</a></h3>
159
160    <p>All versions of Navigator from 2.0 through 4.0b2 (and
161    possibly later) have a problem if the trailing CRLF of the
162    response header starts at offset 256, 257 or 258 of the
163    response. A BrowserMatch for this would match on nearly every
164    hit, so the workaround is enabled automatically on all
165    responses. The workaround implemented detects when this
166    condition would occur in a response and adds extra padding to
167    the header to push the trailing CRLF past offset 258 of the
168    response.</p>
169
170    <h3><a id="boundary-string" name="boundary-string">Multipart
171    responses and Quoted Boundary Strings</a></h3>
172
173    <p>On multipart responses some clients will not accept quotes
174    (") around the boundary string. The MIME standard recommends
175    that such quotes be used. But the clients were probably written
176    based on one of the examples in RFC2068, which does not include
177    quotes. Apache does not include quotes on its boundary strings
178    to workaround this problem.</p>
179
180    <h3><a id="byterange-requests"
181    name="byterange-requests">Byterange requests</a></h3>
182
183    <p>A byterange request is used when the client wishes to
184    retrieve a portion of an object, not necessarily the entire
185    object. There was a very old draft which included these
186    byteranges in the URL. Old clients such as Navigator 2.0b1 and
187    MSIE 3.0 for the MAC exhibit this behavior, and it will appear
188    in the servers' access logs as (failed) attempts to retrieve a
189    URL with a trailing ";xxx-yyy". Apache does not attempt to
190    implement this at all.</p>
191
192    <p>A subsequent draft of this standard defines a header
193    <code>Request-Range</code>, and a response type
194    <code>multipart/x-byteranges</code>. The HTTP/1.1 standard
195    includes this draft with a few fixes, and it defines the header
196    <code>Range</code> and type
197    <code>multipart/byteranges</code>.</p>
198
199    <p>Navigator (versions 2 and 3) sends both <code>Range</code>
200    and <code>Request-Range</code> headers (with the same value),
201    but does not accept a <code>multipart/byteranges</code>
202    response. The response must be
203    <code>multipart/x-byteranges</code>. As a workaround, if Apache
204    receives a <code>Request-Range</code> header it considers it
205    "higher priority" than a <code>Range</code> header and in
206    response uses <code>multipart/x-byteranges</code>.</p>
207
208    <p>The Adobe Acrobat Reader plugin makes extensive use of
209    byteranges and prior to version 3.01 supports only the
210    <code>multipart/x-byterange</code> response. Unfortunately
211    there is no clue that it is the plugin making the request. If
212    the plugin is used with Navigator, the above workaround works
213    fine. But if the plugin is used with MSIE 3 (on Windows) the
214    workaround won't work because MSIE 3 doesn't give the
215    <code>Range-Request</code> clue that Navigator does. To
216    workaround this, Apache special cases "MSIE 3" in the
217    <code>User-Agent</code> and serves
218    <code>multipart/x-byteranges</code>. Note that the necessity
219    for this with MSIE 3 is actually due to the Acrobat plugin, not
220    due to the browser.</p>
221
222    <p>Netscape Communicator appears to not issue the non-standard
223    <code>Request-Range</code> header. When an Acrobat plugin prior
224    to version 3.01 is used with it, it will not properly
225    understand byteranges. The user must upgrade their Acrobat
226    reader to 3.01.</p>
227
228    <h3><a id="cookie-merge"
229    name="cookie-merge"><code>Set-Cookie</code> header is
230    unmergeable</a></h3>
231
232    <p>The HTTP specifications say that it is legal to merge
233    headers with duplicate names into one (separated by commas).
234    Some browsers that support Cookies don't like merged headers
235    and prefer that each <code>Set-Cookie</code> header is sent
236    separately. When parsing the headers returned by a CGI, Apache
237    will explicitly avoid merging any <code>Set-Cookie</code>
238    headers.</p>
239
240    <h3><a id="gif89-expires"
241    name="gif89-expires"><code>Expires</code> headers and GIF89A
242    animations</a></h3>
243
244    <p>Navigator versions 2 through 4 will erroneously re-request
245    GIF89A animations on each loop of the animation if the first
246    response included an <code>Expires</code> header. This happens
247    regardless of how far in the future the expiry time is set.
248    There is no workaround supplied with Apache, however there are
249    hacks for <a
250    href="http://arctic.org/~dean/patches/apache-1.2-gif89-expires-hack.patch">
251    1.2</a> and for <a
252    href="http://arctic.org/~dean/patches/apache-1.3-gif89-expires-hack.patch">
253    1.3</a>.</p>
254
255    <h3><a id="no-content-length"
256    name="no-content-length"><code>POST</code> without
257    <code>Content-Length</code></a></h3>
258
259    <p>In certain situations Navigator 3.01 through 3.03 appear to
260    incorrectly issue a POST without the request body. There is no
261    known workaround. It has been fixed in Navigator 3.04,
262    Netscapes provides some <a
263    href="http://help.netscape.com/kb/client/971014-42.html">information</a>.
264    There's also <a
265    href="http://arctic.org/~dean/apache/no-content-length/">
266    some information</a> about the actual problem.</p>
267
268    <h3><a id="jdk-12-bugs" name="jdk-12-bugs">JDK 1.2 betas lose
269    parts of responses.</a></h3>
270
271    <p>The http client in the JDK1.2beta2 and beta3 will throw away
272    the first part of the response body when both the headers and
273    the first part of the body are sent in the same network packet
274    AND keep-alive's are being used. If either condition is not met
275    then it works fine.</p>
276
277    <p>See also Bug-ID's 4124329 and 4125538 at the java developer
278    connection.</p>
279
280    <p>If you are seeing this bug yourself, you can add the
281    following BrowserMatch directive to work around it:</p>
282
283    <blockquote>
284      <code>BrowserMatch "Java1\.2beta[23]" nokeepalive</code>
285    </blockquote>
286
287    <p>We don't advocate this though since bending over backwards
288    for beta software is usually not a good idea; ideally it gets
289    fixed, new betas or a final release comes out, and no one uses
290    the broken old software anymore. In theory.</p>
291
292    <h3><a id="content-type-persistence"
293    name="content-type-persistence"><code>Content-Type</code>
294    change is not noticed after reload</a></h3>
295
296    <p>Navigator (all versions?) will cache the
297    <code>content-type</code> for an object "forever". Using reload
298    or shift-reload will not cause Navigator to notice a
299    <code>content-type</code> change. The only work-around is for
300    the user to flush their caches (memory and disk). By way of an
301    example, some folks may be using an old <code>mime.types</code>
302    file which does not map <code>.htm</code> to
303    <code>text/html</code>, in this case Apache will default to
304    sending <code>text/plain</code>. If the user requests the page
305    and it is served as <code>text/plain</code>. After the admin
306    fixes the server, the user will have to flush their caches
307    before the object will be shown with the correct
308    <code>text/html</code> type.</p>
309
310    <h3><a id="msie-cookie-y2k" name="msie-cookie-y2k">MSIE Cookie
311    problem with expiry date in the year 2000</a></h3>
312
313    <p>MSIE versions 3.00 and 3.02 (without the Y2K patch) do not
314    handle cookie expiry dates in the year 2000 properly. Years
315    after 2000 and before 2000 work fine. This is fixed in IE4.01
316    service pack 1, and in the Y2K patch for IE3.02. Users should
317    avoid using expiry dates in the year 2000.</p>
318
319    <h3><a id="lynx-negotiate-trans"
320    name="lynx-negotiate-trans">Lynx incorrectly asking for
321    transparent content negotiation</a></h3>
322
323    <p>The Lynx browser versions 2.7 and 2.8 send a "negotiate:
324    trans" header in their requests, which is an indication the
325    browser supports transparent content negotiation (TCN). However
326    the browser does not support TCN. As of version 1.3.4, Apache
327    supports TCN, and this causes problems with these versions of
328    Lynx. As a workaround future versions of Apache will ignore
329    this header when sent by the Lynx client.</p>
330
331    <h3><a id="ie40-vary" name="ie40-vary">MSIE 4.0 mishandles Vary
332    response header</a></h3>
333
334    <p>MSIE 4.0 does not handle a Vary header properly. The Vary
335    header is generated by mod_rewrite in apache 1.3. The result is
336    an error from MSIE saying it cannot download the requested
337    file. There are more details in <a
338    href="http://bugs.apache.org/index/full/4118">PR#4118</a>.</p>
339
340    <p>A workaround is to add the following to your server's
341    configuration files:</p>
342<pre>
343    BrowserMatch "MSIE 4\.0" force-no-vary
344</pre>
345
346    <p>(This workaround is only available with releases
347    <strong>after</strong> 1.3.6 of the Apache Web server.)</p>
348        <hr />
349
350    <h3 align="CENTER">Apache HTTP Server Version 1.3</h3>
351    <a href="./"><img src="../images/index.gif" alt="Index" /></a>
352    <a href="../"><img src="../images/home.gif" alt="Home" /></a>
353
354  </body>
355</html>
356
357