Proxy returns empty response for long requests

Question

Proxy returns empty response for long requests

Opened this issue 2 years ago · 0 comments

Preflight checklist

I could not find a solution in the existing issues, docs, nor discussions.
I agree to follow this project's Code of Conduct.
I have read and am following this repository's Contribution Guidelines.
This issue affects my Ory Network project.
I have joined the Ory Community Slack.
I am signed up to the Ory Security Patch Newsletter.

Describe the bug

If the server takes more than 10s to process the request, the Ory Proxy will not return the response to the client. It will keep the connection open until the request is processed but the result will be an empty response.

We observed the 10s limit by playing around with it a bit, e.g. 9.5s long requests work fine, 10.5s requests seem to consistently fail.

We observed this for both requests from the browser and backend triggered requests.

I am aware keeping a request open for this long is not a great practice, but I didn't see any mention of a timeout in the Proxy docs. Also the behaviour is not really great - the connection stays open and then terminates without any response code.

Reproducing the bug

This example is using a Python server. We observed this also with a TypeScript/Express.js server.

pip3 install flask

Create an app.py file:

from time import sleep
from flask import Flask

app = Flask(__name__)

@app.route("/short")
def short():
    sleep(9.5)
    return "This works!"

@app.route("/long")
def long():
    sleep(10.5)
    return "But does this work?"

Start the application with:

flask --app app run

The application should start on port 5000. You can test the requests with curl like

$ curl localhost:5000/short -v
*   Trying 127.0.0.1:5000...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 5000 (#0)
> GET /short HTTP/1.1
> Host: localhost:5000
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: Werkzeug/2.2.3 Python/3.10.6
< Date: Tue, 28 Feb 2023 18:56:06 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 11
< Connection: close
< 
* Closing connection 0
This works!

$ curl localhost:5000/long -v
*   Trying 127.0.0.1:5000...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 5000 (#0)
> GET /long HTTP/1.1
> Host: localhost:5000
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: Werkzeug/2.2.3 Python/3.10.6
< Date: Tue, 28 Feb 2023 18:55:53 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 19
< Connection: close
< 
* Closing connection 0
But does this work?

You can see above both requests work properly, resulting with This works! for the /short request and But does this work? for the /long request.

Now start the Ory Proxy, e.g. like

ory proxy http://localhost:5000 --dev --debug --project ***

Proxy starts on port 4000, now try the requests through the Proxy:

$ curl localhost:4000/short -v
*   Trying 127.0.0.1:4000...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 4000 (#0)
> GET /short HTTP/1.1
> Host: localhost:4000
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=utf-8
< Date: Tue, 28 Feb 2023 18:54:40 GMT
< Server: Werkzeug/2.2.3 Python/3.10.6
< Strict-Transport-Security: max-age=0;
< Vary: Origin
< Content-Length: 11
< 
* Connection #0 to host localhost left intact
This works!

$ curl localhost:4000/long -v
*   Trying 127.0.0.1:4000...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 4000 (#0)
> GET /long HTTP/1.1
> Host: localhost:4000
> User-Agent: curl/7.68.0
> Accept: */*
> 
* Empty reply from server
* Connection #0 to host localhost left intact
curl: (52) Empty reply from server

As you can see, curl localhost:5000/long -v works fine, but curl localhost:4000/long -v produces an curl: (52) Empty reply from server.

Relevant log output

ory proxy http://localhost:5000 --dev --debug --quiet --project ***
INFO[2023-02-28T14:08:10-05:00]                                               audience=application service_name=ory/cloud service_version=v0.2.2 started_at=2023-02-28 14:08:10.792057745 -0500 EST m=+0.034414753
INFO[2023-02-28T14:08:10-05:00] ES256 JSON Web Key generation completed.      audience=application completed_at=2023-02-28 14:08:10.792135942 -0500 EST m=+0.034492944 service_name=ory/cloud service_version=v0.2.2
WARN[2023-02-28T14:08:10-05:00] Because you are not authenticated, the Ory CLI can not configure your project automatically. You can still use the Ory Proxy / Ory Tunnel, but complex flows such as Social Sign In will not work. Remove the `--quiet` flag or run `ory auth login` to authenticate.  audience=application service_name=ory/cloud service_version=v0.2.2
To access your application via the Ory Proxy, open:

	http://localhost:4000
[cors] 2023/02/28 14:08:14 Handler: Actual request
[cors] 2023/02/28 14:08:14   Actual request no headers added: missing origin
[cors] 2023/02/28 14:08:29 Handler: Actual request
[cors] 2023/02/28 14:08:29   Actual request no headers added: missing origin

Relevant configuration

No response

Version

0.2.2

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Ory Network

Additional Context

No response