top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

SSL with Ajax and 408 error code (incomplete request)

0 votes

Has anyone happened to stumble onto this issue, please:

Our Ajax works perfectly as long as its non-secure. However, when switching to SSL we sometimes see 408 errors (incomplete request). This only happens on ajax, and inconsistently (similar requests might succeed on one moment, but fail on the other).

Please note:
1. Our client is Chrome browser, using JQuery for ajax
2. Server is Tomcat 7
3. Network is fast and stable, and the ajax requests are small
4. Problem occurs for both our connectors: APR and Http (both with SSL enabled)
5. Our x509 certificate is valid (otherwise it would have failed on *all* ajax ssl requests, not to mention the non-ajax ssl)

posted Jul 31, 2013 by Luv Kumar

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
what happens if you increase the connectionTimeout (on your ssl connector) to a longer interval e.g.?

1 Answer

0 votes

The HTTP RFC 2616 states :

10.4 Client Error 4xx

The 4xx class of status code is intended for cases in which the client seems to have erred.


10.4.9 408 Request Timeout

The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time.

On the face of it thus (and barring some real bug in Tomcat), this looks like a client error, scenario :
- the client opens a TCP connection to the server, with the purpose of sending a request on that connection
- but then the client fails to send a request on that connection, for a time sufficient for the server to declare a "time-out" (or takes an inordinate amount of time to send the request line - such as in one kind of DOS attack).

Any idea why some of your client requests may have such a behaviour ?

answer Jul 31, 2013 by Mandeep Sehgal
Similar Questions
+2 votes

I'm trying to set TLS protocol with the next parameter into the ssl.conf file:

 SSLProtocol all -SSLv2 -SSLv3 

but then my web application fails. I only can see next error in log file

[info] SSL library error 1 in handshake (server my.server:443, client xx.xx.xx.xx)
[info] SSL Library Error: 336027900 error:140760FC:SSL routines:func(118):reason(252)
[info] Connection to child 4 closed with abortive shutdown(server my.server:443, client xx.xx.xx.xx) 

I can`t see as well, into the customlog file, a "GET" that I can see when all protocols are enabled (no forcing TLS): - - [03/Feb/2015:09:30:47 0100] "GET /application/resources/css/template_v6.0.xsl HTTP/1.0" 200 28323  

Any help will be appreciated

0 votes

I am trying to refresh our web site with the latest version of apache. As part of the refresh I want to enforce SSL access to the site. I've setup SSL and the site mostly works with basic authentication, but I have errors when trying to download/view video files from the web site.

I've tried several different clients and 80% of the time I get a window with a big square and if one clicks on the square it says "The specified movie could not be found". Sometime firefox on a Mac will actually play the movie but mostly not.

I can retrieve the movie using wget just fine.

In the error log a debug trace shows it making one request for the web page and the authentication for that suceeds, but then the second request for the video file is rejected because the credentials are not available! Is there an option which tells the client not to send the authentication information? or to clear when requesting?

AH01626: authorization result of Require group svsaccess: granted,
AH01626: authorization result of Require group svsaccess: denied (no authenticated user yet)

BTW, the site works as expected under non-SSL connections.

0 votes

How to handle multiple callback ajax request ?

0 votes

I have an WebAPI connected with mongoDB instance which is not configured or started with SSL/TSL.
When I implemented security certificate for my WebAPI, connection to mongoDB get fails. Any idea....