4D Web Server 503 Errors
Cannon Smith (3/27/14 10:00AM)
Milan Adamov (3/27/14 5:36PM)
Cannon Smith (3/27/14 10:00 AM)
Hi All,
Iím new to using 4Dís web server and have run into an issue that I
donít know how to track down. It seems that if a browser changes IP
addresses, 4D starts returning 503 errors. For example, if I take my
iPhoneís browser and connect to the website over the cellular network,
the website works. But if I go into a library where wifi is available,
I start getting 503 errors.
Any ideas on what I should look at? This is in v14.0.
Thanks.
--
Cannon Smith
Synergy Farm Solutions Inc.
Hill Spring, AB Canada
403-626-3236
<cannon@...
<www.synergyfarmsolutions.com>
Milan Adamov (3/27/14 5:36 PM)
On 27.03.2014., at 17.00, Cannon Smith
<cannon@... wrote:
color><param>00000,0000,DDEE/param>HHi All,
Iím new to using 4Dís web server and have run into an issue that I
donít know how to track down. It seems that if a browser changes IP
addresses, 4D starts returning 503 errors. For example, if I take my
iPhoneís browser and connect to the website over the cellular network,
the website works. But if I go into a library where wifi is available,
I start getting 503 errors.
Any ideas on what I should look at? This is in v14.0.
/color>
Hi Cannon,
there is a bug
ACI0086666 : [128352] changing from wifi to 3G error 503
which was fixed in build 154972 and later, including v13 and v14
branch. However, that bug fix won't help, the bug is actually that you
should receive error 400, not 503 and the session should be closed,
reloading the page again creates new session. But, as Add wrote in
this tech note
http://kb.4d.com/assetid=76521
4D considers this as big security issue, this is from technical note:
In order for 4D Web Server to route the execution scope to the right
session, the above two values must be validated to one of the
previously generate sessions. If the request has a valid session id
but the IP address is different from the last request, 4D recognizes
it as a security thread and returns a 400 error. This assumption is
that each session ID is guaranteed to be unique and it can be assigned
one IP address only. If an unidentified IP is making a request with a
known session ID, it will be rejected
On the other hand we have feature request related to this bug here:
http://forums.4d.fr/Post/EN/14298832/1/14298833
to allow customization of error message displayed.
Regards,
Milan
Reply to this message
Summary created 3/27/14 at 1:13PM by Intellex Corporation
Comments welcome at: feedback@intellexcorp.com