The 100-Continue mechanism doesn't work correctly

[jacekmaza]

The 100-Continue mechanism doesn't seem to work correctly when forwarding requests to the upstream server.

This is visible in particular in failure cases - e.g. 401 Unauthorized

Current behaviour

1. Client sends a POST request with a relatively big request body and the Expect: 100-continue header but with incorrect basic-auth credentials (Authorization header)
2. Fabio doesn't include the Expect header in the http request forwarded to the upstream server
3. Fabio sends back to the client HTTP/1.1 100 Continue before it gets any feedback from the upstream server
4. Client starts uploading the request body
5. Fabio starts streaming the request body to the upstream server
6. Upstream server responds with HTTP/1.1 401 Unauthorized
7. Fabio forwards the HTTP/1.1 401 Unauthorized back to the client

It "works" from the client perspective as finally it gets the HTTP/1.1 401 Unauthorized response.

The problem is that the client should never start uploading the request body in this scenario which is the main point of the 100-Continue mechanism.

Expected behaviour error case
As per https://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html (section 8.2.3 Use of the 100 (Continue) Status)

1. Client sends a POST request with a relatively big request body and the Expect: 100-continue header but with incorrect basic-auth credentials (Authorization header)
2. Fabio forwards the request to the upstream server including the Expect header
3. Upstream server responds with HTTP/1.1 401 Unauthorized
4. Fabio forwards the HTTP/1.1 401 Unauthorized back to the client

Expected behaviour success case

1. Client sends a POST request with a relatively big request body and the Expect: 100-continue header and with valid Authorization header
2. Fabio forwards the request to the upstream server including the Expect header
3. Upstream server responds with HTTP/1.1 100 Continue
4. Fabio forwards the HTTP/1.1 100 Continue back to the client
5. Client starts uploading the request body
6. Fabio starts streaming the request body to the upstream server
7. Upstream server responds with HTTP/1.1 201 Created
8. Fabio forwards the HTTP/1.1 201 Created back to the client

[sielaq]

Seems like this is related to
golang/go#3665
which is fixed in go1.6
@jacekmaza we can verify it tomorrow.

[magiconair]

I've just pushed release 1.1rc1 so you can find binaries and a docker image to test. This was compiled with Go 1.6rc2. I'll release 1.1 once Go 1.6 is out.

[sielaq]

we have tried today with 1.1 (with go1.6.rc2) but unfortunately same problem still exists.
Wonder if some extra flag need to set to turn on a proper behavior of library.

[jrwren]

AFAICT net/http automatically replies with 100-continue BEFORE ServeHTTP is called, thus preventing step 3 from happening before other steps in the given expected cases above.

https://go.googlesource.com/go/+/master/src/net/http/server.go#1680