[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 223
  • Last Modified:

Premature end of script headers and 500 error on POST

When I run my HTML form from a pc with Internet Explorer 4.0 installed, I get a 500 Error/Server Misconfigured. The access log contains a 401 Unauthorized error and then I get a Premature end of Script headers message in the error log.    The forms work when run on Netscape or the previous version of Internet Explorer.  The IE browser runs from a PC on a local area network.    The server, Apache 1.24b, is installed on a Dec Unix system.  The HTML forms, c and perl scripts execute on the Unix system.  The HTTP protocol for the IE is HTTP/1.1 and the HTTP protocol used by our version of Netscape is HTTP/1.0.  I believe that a protocol difference in HTTP/1.0 and 1.1 or a problem with the way the Internet Explorer authentication method is set up could be causing the problem because I have been able to run some forms even after receiving these messages.  Also forms using the POST request method are affected, but those with GET are still working.
0
dmh1
Asked:
dmh1
  • 5
  • 3
  • 2
  • +1
1 Solution
 
dmh1Author Commented:
Edited text of question
0
 
dmh1Author Commented:
Edited text of question
0
 
fasterCommented:
In http 1.1, the response header must contain Content-length, probably your cgi does not output it?
0
Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

 
mouattsCommented:
Assuming that Appache is using 1.0 then you can work around the problem by turning 1.1 off in IE. The option is under Internet Options/advanced/HTTP 1.1 settings.

This is not a bad idea at the moment because there are stil a lot of servers and proxies using 1.0 that get upset with 1.1 messages. In addition the earlier versions of IE4 do not actually output 1.1 even with these options checked.

Steve
0
 
dmh1Author Commented:
This is a workaround but doesn't really solve the problem.  And I don't know that it is a server problem.  However I do have additional information.  When I use the form, my userid and password in requested.  After entering the data, the access log contains a 401 error, and the error log, premature end of script headers.  If I use the back button, and resubmit the form (no
authentication requested) it works fine.  When I print the REQUEST_METHOD, immediately after the authentication is submitted the name/value pairs preceed the POST as part of the REQUEST_METHOD.  Example:
name=val&name2=val2&name3=val3&name4=POST
After going back and resubmitting the form (even though the 401 error is in the access log, the userid/password is not requested again), the REQUEST_METHOD is POST, as it should be.  
0
 
mouattsCommented:
If the problem is the HTTP version my workaround is in fact a solution. Nevertheless did you try it?

Alternatively if you accessing the HTML as the default page (ie index.html) of the domain some servers (I don't know about apache) treat this as different to when you specify the domain name and the file name from a security point of view. Such settings are worth checking. This is also true when a virtual directory is used that points to the root directory.


0
 
dmh1Author Commented:
Yes I did try your suggestion and it does work.  And you are correct in that it seems to be a problem with the http1.1 protocol.  This affects several forms and we have many users on the intranet and I prefer not to have them alter their settings but if it is necessary, so be it.    Also your suggestion pointed me back to the Apache error log (once I had run a cgi diagnostics script to get the environment variables set by the server) and Apache may have a workaround that I can put in one of the configuration files.  I intend to try that in the morning, although I haven't found a clear description of this particualar problem in their bug database.  We use server side includes, and when I printed the environment variables that were set by the server in my little debug script, the content_type, mime_type, and one other variable (I don't remember which one right now and I'm at home and can't check it)
had the values in there twice.  Like the strings were concatenated.  This was for the forms where the userid/passwd dialog box came up.  When I ran the forms again and the user/passwd dialog box didn't come up, the variables contained the single value or string.
Anyway you deserve the points for this because I feel much more comfortable that it is not a problem with my scripts.  After I try the test with the configuration file change, I'll put the results in the comments here for your info.  By the way, this is my first question in expert's exchange.  How do I accept your answer now?  Do you resubmit the answer or what?
0
 
mouattsCommented:
Yes I think I do have to resubmit a question and I believe that when you look at the question there is something at the bottom that alllows you too accept the answer. (I've yet to ask one so I'm not too sure). However if I'm wrong I think there is an answer in the customer service section.
0
 
dmh1Author Commented:
Actually, this problem occurs with MSIE4.01 and some other client applications which are supposed to be supporting http1.1.  Rather than have each user change the internet setting for http, Apache has a BrowserMatch statement which can be included in the httpd configuration file.  This is a better solution for us, because it requires no action on the part of the user community.  I found this problem documented in the Apache bug database but it took a while to know what to look for.
0
 
basvannulandCommented:
nvbnbvnvbn
0
 
basvannulandCommented:
im sorry, i thought this was a test case.
I have the problem right no, i get an error in Ie5 that it can't load tehe perl file, that's is.Now errornumbers what so ever.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now