RE: [squid-users] Re: WARNING: unparseable HTTP header field {:: }

From: Jenny Lee <bodycare_5_at_live.com>
Date: Tue, 12 Nov 2013 18:45:57 +0000

They generate huge log files. We turn them off. Here it a patch for 3.3.10 if you need to suppress them.

Some of the cache log options should have config entries as they generate clutter and hide more important issues. We remove the following as well:

* "Username ACLs are not reliable here"
* "ACL is used but there is no HTTP request" (generates very huge files when peer is dead)
* "Failed to select source for" (Fixed in 3.3.10)
* Host Header Forgery crap

J

--- HttpHeader.cc.orig 2013-11-08 11:33:47.965826408
+++ HttpHeader.cc 2013-11-08 11:34:56.248823857
@@ -620,7 +620,7 @@ HttpHeader::parse(const char *header_sta
 
         if (field_start == field_end) {
             if (field_ptr < header_end) {
- debugs(55, DBG_IMPORTANT, "WARNING: unparseable HTTP header field near {" <<
+ debugs(55, 3, "WARNING: unparseable HTTP header field near {" <<
                        getStringPrefix(field_start, header_end) << "}");
                 goto reset;
             }
@@ -629,7 +629,7 @@ HttpHeader::parse(const char *header_sta
         }
 
         if ((e = HttpHeaderEntry::parse(field_start, field_end)) == NULL) {
- debugs(55, DBG_IMPORTANT, "WARNING: unparseable HTTP header field {" <<
+ debugs(55, 3, "WARNING: unparseable HTTP header field {" <<
                    getStringPrefix(field_start, field_end) << "}");
             debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
                    " in {" << getStringPrefix(header_start, header_end) << "}");

> From: brian.duncan_at_kattenlaw.com
> To: squid-users_at_squid-cache.org
> Date: Tue, 12 Nov 2013 18:24:48 +0000
> Subject: RE: [squid-users] Re: WARNING: unparseable HTTP header field {:: }
>
> Is there any way to turn off reporting of unparseable HTTP headers for these?
>
> I get them also all day only for lijit.com. I know I can choose to block the domain, was just curious if there was a way to put something in the conf that will prevent these from being logged. I searched through the archives for this mailing list and could not find anything definitive. Is there even any value in having this feedback?
>
> 2013/11/12 09:54:26 kid1| ctx: exit level 0
> 2013/11/12 09:54:26 kid1| ctx: enter level 0: 'http://vap5dfw1.lijit.com/www/delivery/lg.php?bannerid=24091&campaignid=232&cids=23
> 2&bids=24091&zoneid=183788&retarget_matches=null&tid=4261995064_183788_a3f2bede5bd5486b923050d6938005c2&channel_ids=,&fpr=c5de34fca
> 55a8e61eda787785db9a4c3&loc=http%3A%2F%2Ffmsads.com%2Freq%3Fau%3D121&referer=http%3A%2F%2Ffmsads.com%2Freq%3Fau%3D121&cb=34826104'
> 2013/11/12 09:54:26 kid1| WARNING: unparseable HTTP header field {:: }
>
> Thanks
>
>
>
>
>
>
> -----Original Message-----
> From: Ralf Hildebrandt [mailto:Ralf.Hildebrandt_at_charite.de]
> Sent: Tuesday, November 12, 2013 4:18 AM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] Re: WARNING: unparseable HTTP header field {:: }
>
> * Dr.x <ahmed.zaeem_at_netstream.ps>:
>
>> well , if this is just error for lijit.com website , i can remove
>> redirecting this website to squid and let my head clear.
>
> just block them, all they do is to serve ads!
>
> --
> Ralf Hildebrandt Charite Universitätsmedizin Berlin
> ralf.hildebrandt_at_charite.de Campus Benjamin Franklin
> http://www.charite.de Hindenburgdamm 30, 12203 Berlin
> Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155
>
> ===========================================================
> CIRCULAR 230 DISCLOSURE: Pursuant to Regulations Governing Practice Before the Internal Revenue
> Service, any tax advice contained herein is not intended or written to be used and cannot be used
> by a taxpayer for the purpose of avoiding tax penalties that may be imposed on the taxpayer.
> ===========================================================
> CONFIDENTIALITY NOTICE:
> This electronic mail message and any attached files contain information intended for the exclusive
> use of the individual or entity to whom it is addressed and may contain information that is
> proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you
> are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or
> distribution of this information may be subject to legal restriction or sanction. Please notify
> the sender, by electronic mail or telephone, of any unintended recipients and delete the original
> message without making any copies.
> ===========================================================
> NOTIFICATION: Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has
> elected to be governed by the Illinois Uniform Partnership Act (1997).
> ===========================================================
Received on Tue Nov 12 2013 - 18:46:05 MST

This archive was generated by hypermail 2.2.0 : Wed Nov 13 2013 - 12:00:03 MST