I'm using Zen 6.x-1.0-beta3.

When Drupal is sitting behind a reverse-proxy (ie: nginx), error pages (404 or access denied) will have 4 hex characters echoed above the page html content. The characters are seemingly random (ie: "24cb").

This may not sound like a Zen problem, but the problem only occurs when using the vanilla Zen theme, or any sub-theme of Zen.

Does Zen have any logic in it that could possibly result in characters echoing above the HTML content?


#9 drupal6-n355170.patch819 bytesDamienMcKenna
FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch drupal6-n355170.patch. See the log in the details link for more information. View
Members fund testing for the Drupal project. Drupal Association Learn more


ryan_courtnage’s picture

I should mention that this problem is specific to being behind the reverse-proxy, which will set some $_SERVER variables that Drupal will use (ie: HTTP_X_FORWARDED_FOR).

In settings.php, the reverse proxy settings are set:
'reverse_proxy' => TRUE,
'reverse_proxy_addresses' => array(''),

chrsc’s picture

Component: Code » layout.css

Were you able to fix it? I'm having the same problem, only with a custom template.

ryan_courtnage’s picture


Sorry, I never did solve this problem. It only happens in our staging environment, which is using nginx as the reverse proxy. On our production server we use a different proxy, and the problem doesn't appear.

seanubis’s picture

This isn't a problem with the Zen theme. This problem appears to be due to the fact that when Drupal sets a 404 or 403 header (in includes/common.inc) it's specifying HTTP/1.1 as the server protocol, eg:

drupal_set_header('HTTP/1.1 404 Not Found');

This is a problem because apparently Nginx can only speak HTTP/1.0 to backend servers.

You can work around the problem by modifying the drupal_set_header function as follows:

function drupal_set_header($header = NULL) {
  // We use an array to guarantee there are no leading or trailing delimiters.
  // Otherwise, header('') could get called when serving the page later, which
  // ends HTTP headers prematurely on some PHP versions.
  static $stored_headers = array();

  // this line fixes strange characters in 403/404 output when proxied behind nginx
  $header = str_replace('HTTP/1.1', $_SERVER["SERVER_PROTOCOL"], $header);
  if (strlen($header)) {
    $stored_headers[] = $header;
  return implode("\n", $stored_headers);
jslag’s picture

Project: Zen » Drupal core
Version: 6.x-1.0-beta3 » 6.14
Component: layout.css » base system

Thanks for the explanation -- I'm seeing this as well on my site, also being proxied by nginx.

If I'm understanding things correctly, it looks like this code path has been redone in D7.

Would it be possible to do something about this for D6 sites via a module? I've just done some digging around but I don't see if it'd be possible.

Jānis Bebrītis’s picture

Title: random hex characters when behind a proxy » solution

Sorry for bumping into old thread, we moved to nginx frontend for some VPS`es too and ran into the same problem. I googled around and found solution to alter apache2 configuration so that it forces HTTP 1.0 headers.

I added following two lines at the end of /etc/apache2/apache2.conf
SetEnv force-response-1.0 1
SetEnv downgrade-1.0 1

This works for nginx proxy as frontend and apache as backend. I hope it helps someone.

Solution found on http://brainstorm.name/blog/nginx-apache-proxy-chunked-encoding-problem.... which is pointing to http://www.lexa.ru/nginx-ru/msg25234.html

Jānis Bebrītis’s picture

Title: solution » random hex characters when behind a proxy
geerlingguy’s picture

I'm having the same problem on two different sites. This was puzzling the heck out of me... and it only appears to the end user in Internet Explorer (the characters show up before the opening tag). Consider this a subscribe :-/

DamienMcKenna’s picture

Status: Active » Needs work
819 bytes
FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch drupal6-n355170.patch. See the log in the details link for more information. View

Here's a quick patch to implement the code listed in #4 above.

yang_yi_cn’s picture


emackn’s picture

#6 worked for us. :) Only took about 3 hrs to sort it out.

Thank you, Thank you, Thank you

dstol’s picture

+1 on #6

jayatdrupal’s picture

Why wouldn't the patch be to change this line:

drupal_set_header('HTTP/1.1 403 Forbidden');

to this one:

drupal_set_header('HTTP/1.0 403 Forbidden');

for nginx - as it needs to have HTTP/1.0 ?

It seems to work fine with that fix in...

Ilya1st’s picture

OMG, Think that's not a bad way. Why ignored?

Jānis Bebrītis’s picture

basically, moving to pressflow fixes this issue. it's all about drupal < 7 headers.

JimBroad’s picture

Status: Needs work » Needs review

This appears to be fixed in 6.x-dev, rather than use patch in #4, the offending drupal_set_header() calls in common.inc were replaced like so:

 function drupal_access_denied() {
-  drupal_set_header('HTTP/1.1 403 Forbidden');
+  drupal_set_header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');

This requires you to make sure your server is set up to serve HTTP/1.0 for nginx.

#6 gave sample to do this but on our config we needed to add the following to drupal vhosts(http/https):

        SetEnv force-response-1.0
        SetEnv downgrade-1.0

(note to the lack of trailing '1' from #6)

also, it appears ctools.module has a similar issue ctools_shutdown_handler(): header('HTTP1.1 200 OK');, but havn't yet to run into an issue with it yet.

Status: Needs review » Needs work

The last submitted patch, drupal6-n355170.patch, failed testing.

JimBroad’s picture

Status: Needs work » Fixed

No patches required, fix is already in core.

The rest of issue is server config.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.