1

I've discovered that if you send a request with an empty POST body, meaning no Content-Length header, the GCP Load Balancer (in this case from an Ingress controller through GKE) will reject your request with this error:

$ curl -L -X POST 'http://example.com/fund?amount=0'

<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>411 Length Required</title>
</head>
<body text=#000000 bgcolor=#ffffff>
<h1>Error: Length Required</h1>
<h2>POST requests require a <code>Content-length</code> header.</h2>
<h2></h2>
</body></html>

Assume I can't change the clients, is there some way to make the LB just accept empty bodies in POST requests?

Daniel Porteous
  • 5,536
  • 3
  • 25
  • 44
  • 1
    Can you add the header `content-length: 0` to the HTTP POST request? `curl -L -X POST -H 'content-length: 0' 'http://example.com/fund?amount=0'` – John Hanley Sep 30 '22 at 04:45
  • Unfortunately not, assume I can't change the clients, meaning I can't submit an empty POST body or add headers. – Daniel Porteous Sep 30 '22 at 05:25
  • What happens if you test with the curl example? – John Hanley Sep 30 '22 at 06:41
  • @Daniel Porteous By any chance, does this curl command ```curl -sv --http1.1 -X POST "http://example.com/fund?amount=0"``` display if the requests sent are HTTP/1.1 or HTTP/1.0? – James S Sep 30 '22 at 06:55
  • @JohnHanley it works if you add the header like you say. James it uses HTTP/1.0 by the looks of it. Note that I don't have control over the clients, so in the first case I can't add such a header and in the second case, different clients theoretically might try different HTTP versions. I'm looking for a GCP LB side fix. – Daniel Porteous Sep 30 '22 at 15:51

1 Answers1

2

The workarounds available as of the moment would be adding content headers content-length: 0 if you are to send HTTP POST requests with empty body. Per this RFC 2616 documentation:

If no response body is included, the response MUST include a Content-Length field with a field-value of "0"

Or to set the client to use http/1.1 as default:

For compatibility with HTTP/1.0 applications, HTTP/1.1 requests containing a message-body MUST include a valid Content-Length header field unless the server is known to be HTTP/1.1 compliant. If a request contains a message-body and a Content-Length is not given, the server SHOULD respond with 400 (bad request) if it cannot determine the length of the message, or with 411 (length required) if it wishes to insist on receiving a valid Content-Length.

Both options require intervention from the client side. Unfortunately, there are no available workarounds/adjustments that can be done from the GCP Load Balancer side at this time.

Daniel Porteous
  • 5,536
  • 3
  • 25
  • 44
James S
  • 1,181
  • 1
  • 7