Solved

Squid2.0 TCP_DENIED/400 5601 error with LONG URL

Posted on 2009-05-12
2
554 Views
Last Modified: 2013-12-15
One of our developers is trying to use some long html string requests through an open portal through a service that we use online. He's sending the requests through a developed VB application that we currently use the same way, just nothing even CLOSE to a string this long.

saw these 2 configs in the squid.conf, but the body_size is set to default, so it sounds like it should be good to me.
#Default:
# request_header_max_size 20KB
#Default:
# request_body_max_size 0 KB

the string won't work if you test it as I removed a few lines (passwords and such).

If I bypass the software around the proxy, it works fine. below is the coded error:

any ideas on where to start? Need to see my squid.conf?
1242070293.835      0 172.19.6.68 TCP_DENIED/400 5601 GET http://open.peoplenetonline.com/scripts/open.dll?service=imessage_send&xml=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22ISO%2D8859%2D1%22%3F%3E%3C!DOCTYPE%20pnet_imessage_send%20PUBLIC%20%22%2D%2F%2FPeopleNet%2F%2Fpnet_imessage_send%22%20%22http%3A%2F%2Fopen.peoplenetonline.com%2Fdtd%2Fpnet_imessage_send.dtd%22%3E%3Cpnet_imessage_send%3E%%3C%2Fcid%3E%3Cpw%%2Fpw%3E%3E%3Cdeliver%3Enow%3C%2Fdeliver%3E%3Cformdata%3E%3Cform_id%3E39190%3C%2Fform_id%3E%3Cim_field%3E%3Cquestion_number%3E14%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E1142%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E15%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3ENone%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E16%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3EPOPLAR%20BLUFF%20%231%2C%20MO%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E17%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3E12345678901234567890123456789%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E18%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3E1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E19%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3ECAPE%20GIRARDEAU%2FSCOTT%20CITY%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E22%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3E89%20UNL%2010%25E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E23%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E4435%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E24%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E5000%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E25%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3E89%20UNL%2010%25E%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E26%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E7416%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E27%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E3500%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E28%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_text%3ENA%3C%2Fdata_text%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E29%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E0%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E30%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E0%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E33%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_date%2Dtime%3E05%2F10%2F09%2011%3A00%3C%2Fdata_date%2Dtime%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E34%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_date%2Dtime%3E05%2F10%2F09%2010%3A00%3C%2Fdata_date%2Dtime%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E35%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E20%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E36%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E2043466%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E37%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E114%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_number%3E38%3C%2Fquestion_number%3E%3Cdata%3E%3Cdata_numeric%2Denhanced%3E9004%3C%2Fdata_numeric%2Denhanced%3E%3C%2Fdata%3E%3C%2Fim_field%3E%3Cim_field%3E%3Cquestion_n - NONE/- text/html

Open in new window

0
Comment
Question by:eah6122
2 Comments
 
LVL 11

Accepted Solution

by:
climbgunks earned 500 total points
ID: 24381495

I believe there is/was a hard-coded max url length of 4096 characters (including terminators).   The portion you pasted above was well over 4000 characters, and you say you cut part of it, so you're probably pushing the limit.

--Todd
0
 

Author Comment

by:eah6122
ID: 24384916
I have verified this.
cache.log:
2009/05/14 08:04:18| urlParse: URL too large (4337 bytes)

http://www.mail-archive.com/squid-users@squid-cache.org/msg59758.html

looks like I'll have to route them around the proxy for now since upgrading isn't high on our list right now.

Thanks for the help.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux Mint 18 31 73
AWS CLI - Issue with name display 2 47
Python variable _ manually assigned 9 61
Help on running oracle SQL script in linux 3 27
Foreword In the years since this article was written, numerous hacking attacks have targeted password-protected web sites.  The storage of client passwords has become a subject of much discussion, some of it useful and some of it misguided.  Of cou…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now