Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Changes in Jetty socket close behavior from 9.2 -> 9.4

Thanks again, you guys have been super helpful. I found where this happens in the Jetty code (I think), org.eclipse.jetty.server.HttpConnection#onCompleted.  Unfortunately, it appears Varnish cannot currently deal with this, and at least one guy on the list thinks this behavior violates the spec, see https://varnish-cache.org/lists/pipermail/varnish-misc/2018-September/026501.html.  From my reading of https://tools.ietf.org/html/rfc7230#section-6.6 it's a bit unclear.

-Tommy

On Wed, Sep 26, 2018 at 6:15 PM Greg Wilkins <gregw@xxxxxxxxxxx> wrote:

Thomas,

Exactly what Simone said!

Jetty is not closing the connection because an error response was sent. It is JAX-RS generating the error page, and it chooses not to add connection:close.

But it also has not read all the content, so jetty aborts the connection when it sees an incomplete request message that it would have to block to read the rest of it.

Again, you could add a filter to always consume the input... or modify JAX-RS error handler so it says connection:close

cheers






On Thu, 27 Sep 2018 at 07:59, Simone Bordet <sbordet@xxxxxxxxxxx> wrote:
Hi,

On Wed, Sep 26, 2018 at 1:29 PM Tommy Becker <twbecker@xxxxxxxxx> wrote:
>
> We definitely do not see one. But I'm still a bit confused as to how Jetty is determining that it wants to close the connection. Although our JAX-RS resource throws an exception, that exception should be handled by the JAX-RS runtime and not propagated to Jetty (We have ExceptionMappers defined for everything). So our application is generating the response and not Jetty itself.
>

After generating the response, the control goes back to Jetty.
There, Jetty finds that there is unread content left in some buffers,
and consumes it.
After consuming the content that has already arrived to the server,
Jetty figures out that not all of it has arrived.
Now Jetty cannot wait for more content to arrive, because there is
nothing to give the content to, as the application is already done and
has already responded.
And Jetty itself cannot block a thread and wait for the rest of the
content to arrive because that would be an attack vector for nasty
clients.
The only choice is for Jetty to close the connection.

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users


--
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users

Back to the top