DOC: management: Clearly state "show errors" only reports malformed H1 messages

For now, only the H1 multiplexer is able to capture malformed messages. So
it is better to update the management guide accordingly to avoid any
confusion.
This commit is contained in:
Christopher Faulet 2024-11-20 18:08:15 +01:00
parent e863d8d681
commit 667ac8acc6

View File

@ -2820,14 +2820,14 @@ show env [<name>]
can only be issued on sockets configured for levels "operator" or "admin". can only be issued on sockets configured for levels "operator" or "admin".
show errors [<iid>|<proxy>] [request|response] show errors [<iid>|<proxy>] [request|response]
Dump last known request and response errors collected by frontends and Dump last known HTTP/1.x request and response errors collected by frontends
backends. If <iid> is specified, the limit the dump to errors concerning and backends. If <iid> is specified, the limit the dump to errors concerning
either frontend or backend whose ID is <iid>. Proxy ID "-1" will cause either frontend or backend whose ID is <iid>. Proxy ID "-1" will cause all
all instances to be dumped. If a proxy name is specified instead, its ID instances to be dumped. If a proxy name is specified instead, its ID will be
will be used as the filter. If "request" or "response" is added after the used as the filter. If "request" or "response" is added after the proxy name
proxy name or ID, only request or response errors will be dumped. This or ID, only request or response errors will be dumped. This command is
command is restricted and can only be issued on sockets configured for restricted and can only be issued on sockets configured for levels "operator"
levels "operator" or "admin". or "admin".
The errors which may be collected are the last request and response errors The errors which may be collected are the last request and response errors
caused by protocol violations, often due to invalid characters in header caused by protocol violations, often due to invalid characters in header
@ -4537,17 +4537,17 @@ connections are handled in parallel, though the "debug2ansi" and "debug2html"
scripts found in the examples/ directory definitely help here by coloring the scripts found in the examples/ directory definitely help here by coloring the
output. output.
If a request or response is rejected because HAProxy finds it is malformed, the If a HTTP/1.x request or response is rejected because HAProxy finds it is
best thing to do is to connect to the CLI and issue "show errors", which will malformed, the best thing to do is to connect to the CLI and issue "show
report the last captured faulty request and response for each frontend and errors", which will report the last captured faulty HTTP/1.x request and
backend, with all the necessary information to indicate precisely the first response for each frontend and backend, with all the necessary information to
character of the input stream that was rejected. This is sometimes needed to indicate precisely the first character of the input stream that was
prove to customers or to developers that a bug is present in their code. In this rejected. This is sometimes needed to prove to customers or to developers that a
case it is often possible to relax the checks (but still keep the captures) bug is present in their code. In this case it is often possible to relax the
using "option accept-unsafe-violations-in-http-request" or its equivalent for checks (but still keep the captures) using "option
responses coming from the server "option accept-unsafe-violations-in-http-request" or its equivalent for responses coming
accept-unsafe-violations-in-http-response". Please see the configuration manual from the server "option accept-unsafe-violations-in-http-response". Please see
for more details. the configuration manual for more details.
Example : Example :