commit d48bfb6983a3d28183b068a4f8975c1c5cd05978
author Christopher Faulet <cfaulet@haproxy.com> Tue Feb 28 18:51:26 2023 +0100
committer Christopher Faulet <cfaulet@haproxy.com> Tue Feb 28 18:51:27 2023 +0100
tree 290e723a4f7bd04f3189ece57aa4e50d64407215
parent 0506d9de512291ed2526654800b98a2317a67b6d

BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory

The Content-Length header is always added into the request for an HTTP
health-check. However, when there is no payload, this header may be skipped
for OPTIONS, GET, HEAD and DELETE methods. In fact, it is a "SHOULD NOT" in
the RCF 9110 (#8.6).

It is not really an issue in itself but it seems to be an issue for AWS
ELB. It returns a 400-Bad-Request if a HEAD/GET request with no payload
contains a Content-Length header.

So, it is better to skip this header when possible.

This patch should fix the issue #2026. It could be backported as far as 2.2.

src/tcpcheck.c

diff --git a/src/tcpcheck.c b/src/tcpcheck.c
index 07d16aa..288bd19 100644
--- a/src/tcpcheck.c
+++ b/src/tcpcheck.c
@@ -1459,12 +1459,18 @@
 		}
 		else
 			body = send->http.body;
-		clen = ist((!istlen(body) ? "0" : ultoa(istlen(body))));
 
-		if ((!connection_hdr && !htx_add_header(htx, ist("Connection"), ist("close"))) ||
-		    !htx_add_header(htx, ist("Content-length"), clen))
+		if (!connection_hdr && !htx_add_header(htx, ist("Connection"), ist("close")))
 			goto error_htx;
 
+		if ((send->http.meth.meth != HTTP_METH_OPTIONS &&
+		     send->http.meth.meth != HTTP_METH_GET &&
+		     send->http.meth.meth != HTTP_METH_HEAD &&
+		     send->http.meth.meth != HTTP_METH_DELETE) || istlen(body)) {
+			clen = ist((!istlen(body) ? "0" : ultoa(istlen(body))));
+			if (!htx_add_header(htx, ist("Content-length"), clen))
+				goto error_htx;
+		}
 
 		if (!htx_add_endof(htx, HTX_BLK_EOH) ||
 		    (istlen(body) && !htx_add_data_atonce(htx, body)))