The nnCoection response header

I thought I’d stumbled on some hand-crafted response from Amazon:

$ nc -vv www.amazon.com 80
Connection to www.amazon.com 80 port [tcp/http] succeeded!
GET / HTTP/1.1

HTTP/1.1 400 Bad Request
Date: Wed, 17 Jun 2009 22:31:39 GMT
Server: Server
Content-Length: 226
nnCoection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>

Note the nnCoection: close response header. The 400 response is returned, in this case, because of a missing Host request header.

Turns out the spelling mistake is intentional – Andrew Wooster’s excellent post claims that the header is changed by a load-balancing service, overriding the web server’s directive. A comment on that post identifies the service as the Citrix NetScaler appliance, and explains the logic of scrambling rather than removing the header altogether. Cool stuff.
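
The check below is an added example, not code from this post or from the posts it cites: it picks out header names in the captured response that are letter permutations of Connection, then compares the capture with the head the origin server is assumed to have sent (Connection: close). The function names are hypothetical, and the length and RFC 1071 checksum comparison is a property the example verifies, not the rationale given in the comment mentioned above.

```python
from collections import Counter

# Response head from the capture above, with CRLF line endings restored.
RESPONSE_HEAD = (
    b"HTTP/1.1 400 Bad Request\r\n"
    b"Date: Wed, 17 Jun 2009 22:31:39 GMT\r\n"
    b"Server: Server\r\n"
    b"Content-Length: 226\r\n"
    b"nnCoection: close\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"\r\n"
)


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def scrambled_headers(head: bytes, canonical: bytes = b"Connection") -> list[bytes]:
    """Header names that are a letter permutation of `canonical` but not equal to it."""
    want = Counter(canonical.lower())
    found = []
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, sep, _ = line.partition(b":")
        if sep and name.lower() != canonical.lower() and Counter(name.lower()) == want:
            found.append(name)
    return found


def rewrite_is_checksum_neutral(head: bytes, scrambled: bytes,
                                canonical: bytes = b"Connection") -> bool:
    """Compare the captured head with the one the origin is assumed to have sent."""
    original = head.replace(scrambled + b":", canonical + b":", 1)
    # Check both alignments: the header may start on an even or odd byte of the segment.
    return len(original) == len(head) and all(
        internet_checksum(pad + original) == internet_checksum(pad + head)
        for pad in (b"", b"\x00")
    )
```

The checksum survives because nnCoection moves each changed byte by exactly two positions, so every byte stays in the same half of a 16-bit word; a scramble that swaps adjacent bytes does not have this property.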
