We get "Bad Request" for this Query String in the Request URI when request is dent by Internet Explorer (more info below):
GET /test/proto/popuptest.aspx?MESSAGGIO=Vuole%20inviare%20la%20proposta%20di%20Determina%20alla%20Segreteria?%20(Rispondendo%20NO%20essa%20verr%C3%A0%20restituita%20al%20Responsabile%20di%20Servizio%20con%20le%20dovute%20osservazioni%20per%20l%27eventuale%20annullamento%20da%20parte%20del%20Responsabile) HTTP/1.1
The critical portion is highlighted in RED (is an accented a character).
Firefox and Chrome encode and send the URI as written above:
- Firefox and Chrome
76 65 72 72 25 43 33 25 41 30 6c 25 32 37 65 76 65 6e 74 75 61
v e r r % C 3 % A 0 l % 2 7 e v e n t u a
Internet Explorer instead decode and send the string so:
- IE
76 65 72 72 c3 a0 6c 27 65 76 65 6e 74 75 61
v e r r \303 \240 l ' e v e n t u a
this produce an URI like this (double dot instead of URL encoded accented a):
/test/proto/popuptest.aspx?MESSAGGIO=Vuole%20inviare%20la%20proposta%20di%20Determina%20alla%20Segreteria?%20(Rispondendo%20NO%20essa%20verr..%20restituita%20al%20Responsabile%20di%20Servizio%20con%20le%20dovute%20osservazioni%20per%20l%27eventuale%20annullamento%20da%20parte%20del%20Responsabile) HTTP/1.1
Our Developer say that this is the standard, and that sending directly to IIS the issue does not exist, so they stated HAProxy does not correctly interpret the IE request. The single quote " ' " after the " à " is an example of different behavior for encoding /deconding between Firefox, Chrome and IE (IE encode " ' " firefox and chrome "%27").
The standard say that unreserved chars can be interpreted by browser so, the IE behavior seems ok, also if Firefox and Chrome is less prone to problems for me...
http://tools.ietf.org/html/rfc3986#section-2.4
"...The only exception is for percent-encoded octets corresponding to characters in the unreserved set, which can be decoded at any time..."
Dot are not in the reserved chars for URI nor query string
Reserved Char
http://tools.ietf.org/html/rfc3986#section-2.2
Unreserved Char
http://tools.ietf.org/html/rfc3986#section-2.3
Can you help me ? Is this a HAProxy behavior or the IE request is really not standard so is fine for HaProxy (or other reverse-proxy) to return Dad Request ?
Thank yoy
Roberto Cazzato
GET /test/proto/popuptest.aspx?MESSAGGIO=Vuole%20inviare%20la%20proposta%20di%20Determina%20alla%20Segreteria?%20(Rispondendo%20NO%20essa%20verr%C3%A0%20restituita%20al%20Responsabile%20di%20Servizio%20con%20le%20dovute%20osservazioni%20per%20l%27eventuale%20annullamento%20da%20parte%20del%20Responsabile) HTTP/1.1
The critical portion is highlighted in RED (is an accented a character).
Firefox and Chrome encode and send the URI as written above:
- Firefox and Chrome
76 65 72 72 25 43 33 25 41 30 6c 25 32 37 65 76 65 6e 74 75 61
v e r r % C 3 % A 0 l % 2 7 e v e n t u a
Internet Explorer instead decode and send the string so:
- IE
76 65 72 72 c3 a0 6c 27 65 76 65 6e 74 75 61
v e r r \303 \240 l ' e v e n t u a
this produce an URI like this (double dot instead of URL encoded accented a):
/test/proto/popuptest.aspx?MESSAGGIO=Vuole%20inviare%20la%20proposta%20di%20Determina%20alla%20Segreteria?%20(Rispondendo%20NO%20essa%20verr..%20restituita%20al%20Responsabile%20di%20Servizio%20con%20le%20dovute%20osservazioni%20per%20l%27eventuale%20annullamento%20da%20parte%20del%20Responsabile) HTTP/1.1
Our Developer say that this is the standard, and that sending directly to IIS the issue does not exist, so they stated HAProxy does not correctly interpret the IE request. The single quote " ' " after the " à " is an example of different behavior for encoding /deconding between Firefox, Chrome and IE (IE encode " ' " firefox and chrome "%27").
The standard say that unreserved chars can be interpreted by browser so, the IE behavior seems ok, also if Firefox and Chrome is less prone to problems for me...
http://tools.ietf.org/html/rfc3986#section-2.4
"...The only exception is for percent-encoded octets corresponding to characters in the unreserved set, which can be decoded at any time..."
Dot are not in the reserved chars for URI nor query string
Reserved Char
http://tools.ietf.org/html/rfc3986#section-2.2
Unreserved Char
http://tools.ietf.org/html/rfc3986#section-2.3
Can you help me ? Is this a HAProxy behavior or the IE request is really not standard so is fine for HaProxy (or other reverse-proxy) to return Dad Request ?
Thank yoy
Roberto Cazzato