我有一个 apache,它作为 Netscale 网关的反向代理。有时它可以工作,但在许多情况下,请求以 500 结束。日志总是给出相同的错误类型:
[Mon Aug 20 12:51:24.541905 2018] [http:error] [pid 4919:tid 140600024221440] [client 192.168.22.194:40187] AH02430: Response header 'Set-Cookie' value of 'NSC_TASS=\x0fi\xd4a\xbd\x8e\xcf\xdek\x18\xcd:\x01\xc6d\xf1\xe6;HttpOnly;Path=/;Secure' contains invalid characters, aborting request
[Mon Aug 20 13:03:09.550947 2018] [http:error] [pid 5023:tid 140354590320384] [client 192.168.22.194:24541] AH02430: Response header 'Set-Cookie' value of 'NSC_TASS=le8M1TpPxu5GG1h8nEom8vsA\xe3\x06\x87\x8fnId=&janusWebEvent=PDClass.getJanusServerPage_webEvent_nextPhaseGC2%2C114078_pid_pdPreview_imgPath_res133136%2Fimg%2F_cid_10_clName_ADV_oidHi_10_oidLow_114073;HttpOnly;Path=/;Secure' contains invalid characters, aborting request
[Mon Aug 20 13:09:15.239058 2018] [http:error] [pid 5330:tid 140134346917632] [client 192.168.22.194:40606] AH02430: Response header 'Set-Cookie' value of 'NSC_TASS=\x95\x15\xa91e\xf8\xc8\x96\xdfI\x02\x89\xf4y\x05\xf2&;HttpOnly;Path=/;Secure' contains invalid characters, aborting request
我认为这是 cookie 值中的反斜杠,因为不允许使用反斜杠。apache 可以跳过对此的验证,还是我可以编写规则将 cookie 值重写为 url-encoding\utf-8... 值?
我的配置:
<VirtualHost *:80> # a balancer managed the ssl
ServerName ng.subdomain.domain.tld
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests Off
#ProxyPreserveHost On
ProxyPass / https://ng.domain2.tld/
ProxyPassReverse / https://ng.domain2.tld/
#ProxyPass / wss://ng.domain2.tld/
#ProxyPassReverse / wss://ng.domain2.tld/
ProxyPassReverseCookieDomain ng.subdomain.domain.tld ng.domain2.tld
</VirtualHost>