REFUSED_STREAM for http/2 POST to nginx

[jeroen]

We are working on a new API based on express.js behind nginx. Everything works for HTTP1, but for (lib)curl client which are built --with-nghttp2 any POST request fails with CURLE_HTTP2_STREAM.

Below a reproducible example that fails with libcurl 7.50.3 (--with-nghttp2)

curl -v https://builder.r-hub.io/api/check/validate_email \
 -H 'Content-Type: application/json' \
 -d '{"email":"somebody@gmail.com"}'

Example output: https://git.io/vPfIS Is this a bug in libcurl or a nginx config problem?

@tatsuhiro-t @gaborcsardi

[bagder]

This sounds like a suspicious nginx issue. What nginx version are you running this against?

[gaborcsardi]

nginx version: nginx/1.10.1

ubuntu@ip:~$ dpkg -l | grep nginx
ii  nginx                               1.10.1-0+trusty0                 all          small, powerful, scalable web/proxy server
ii  nginx-common                        1.10.1-0+trusty0                 all          small, powerful, scalable web/proxy server - common files
ii  nginx-full                          1.10.1-0+trusty0                 amd64        nginx web/proxy server (standard version)

I can also share the config if you need it.

[gaborcsardi]

The web apps are managed by dokku (https://github.com/dokku/dokku), which generated the nginx config, and supposedly auto-detects if nginx supports http/2, based on version numbers: https://github.com/dokku/dokku/blob/cb9c5b6988b9c8471cf5ca764d9c361af03327f0/plugins/nginx-vhosts/functions#L151

[bagder]

I think this is the same flaw discussed for example here: square/okhttp#2506

It is apparently fixed in nginx 1.11 and their changelog seems to mention it.

[gaborcsardi]

That's indeed plausible. Let me see if I can upgrade nginx. It might take a day or two.

[jeroen]

@gaborcsardi you can probably upgrade via the nginx ubuntu PPA:

sudo add-apt-repository nginx/development
sudo apt-get update
sudo apt-get dist-upgrade

[gaborcsardi]

@jeroenooms Thanks!

Just for the record, I did:

sudo add-apt-repository ppa:nginx/development
sudo apt-get update
sudo apt-get install nginx nginx-common nginx-full
sudo service nginx restart

and then everything is fine! Thanks all for the help!

[jeroen]

OK I think this is solved. Perhaps communicate to the dokku folks that they should not enable http/2 for nginx 1.10?

[gaborcsardi]

@jeroenooms Good idea. Will do.

[gaborcsardi]

For the record 1.11.3 didn't work well with dokku, not sure why, but I had to downgrade quickly and disable http2.