You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am compiling this as a static module in NGINX 1.24.0 on Ubuntu 20.04. When the module is enabled, curl shows that the random-length HTML comment is showing up successfully.
However, a deeper dive shows that the response body is malformed GZIP data. The file format seems OK, until near the end when the random-length HTML comment shows up as plain text, not compressed. I don't think this is a security risk, since it's still inside the TLS encryption, but this malformed GZIP response has caused a monitoring issue.
A New Relic synthetic monitor, of the simple browser type, with verify SSL enabled, will error out with the errors "incorrect header check" and "Z_DATA_ERROR". It looks like New Relic is using Javascript and zlib, which errors out when given this malformed compressed response.
To see the malformed compressed response, try this:
Unfortunately we could not reproduce the issue. Could you please check your app and Nginx configuration? Perhaps you are enabling gzip in your app and not in Nginx.
I am compiling this as a static module in NGINX 1.24.0 on Ubuntu 20.04. When the module is enabled, curl shows that the random-length HTML comment is showing up successfully.
However, a deeper dive shows that the response body is malformed GZIP data. The file format seems OK, until near the end when the random-length HTML comment shows up as plain text, not compressed. I don't think this is a security risk, since it's still inside the TLS encryption, but this malformed GZIP response has caused a monitoring issue.
A New Relic synthetic monitor, of the simple browser type, with verify SSL enabled, will error out with the errors "incorrect header check" and "Z_DATA_ERROR". It looks like New Relic is using Javascript and zlib, which errors out when given this malformed compressed response.
To see the malformed compressed response, try this:
The "extra field" might be that uncompressed plain text that's tacked on to the end of the file.
Here's the response body in a hex viewer. You'll see the plain text random-length HTML comment there.
I think that the trailing garbage is what's causing my monitoring to fail.
You'll see that the random-length HTML comment does not show up at all. That's because gunzip considered it to be trailing garbage and so ignored it.
The text was updated successfully, but these errors were encountered: