Cat

Cat

Errors when using SSL and reloading page too fast on slow-responding server

I’ve been trying to debug this for days, and I can’t figure out what I’m doing wrong. If SSL is off, I can reload the page as fast as I want and I don’t encounter any errors. But when I turn SSL on and try refreshing the page quickly, repeatedly, I get an error after the 5th or 10th reload.

Steps to reproduce

1. Start with a fresh elixir Docker container.

docker run -it --rm -w /opt -p 4000:4000 -p 4001:4001 elixir bash

2. Generate a simple Phoenix app

apt-get update && apt-get install inotify-tools -y
mix archive.install hex phx_new --force
mix phx.new hello --no-ecto --install
cd hello

3. Generate a self-signed cert needed for SSL

mix phx.gen.cert

4. Configure the endpoint

  • Change the IP to 0.0.0.0 to allow access from outside the container

    sed -i 's/{127, 0, 0, 1}/{0, 0, 0, 0}/' config/dev.exs
    
  • Uncomment the self-cert https block

    sed -ie '/# \{5\}https/,/# \{5\}],/ { s/^#//; }' config/dev.exs
    
  • Config Bandit to output client closures

    sed -ie '/certfile/,/],/ { s/"$/",\n       http_options: [log_client_closures: :verbose]/; s/],/]/; }' config/dev.exs
    
  • Add a necessary comma after the watchers config option

    sed -zie '/watchers/,/]\n/ { s/]\n/],\n/ }' config/dev.exs
    

Endpoint config in config/dev.exs should look like this:

config :hello, HelloWeb.Endpoint,
  http: [ip: {0, 0, 0, 0}, port: 4000],
  ...
  watchers: [
    ...
  ],
  https: [
    port: 4001,
    cipher_suite: :strong,
    keyfile: "priv/cert/selfsigned_key.pem",
    certfile: "priv/cert/selfsigned.pem",
    http_options: [log_client_closures: :verbose]
  ]

5. Configure the controller

  • Add a 1-second sleep to the controller home action to simulate a slow server response:

    sed -ie '/render/ { s/^/    Process.sleep(1000)\n/ }' lib/hello_web/controllers/page_controller.ex
    

The home action in lib/hello_web/controllers/page_controller.ex should now look like this:

def home(conn, _params) do
  ...
  Process.sleep(1000)
  render(conn, :home, layout: false)
end

6. Start the server

iex -S mix phx.server

7. Test with the HTTPS scheme

Visit https://localhost:4001 with your browser. It will complain about the certificates. Bypass and continue.

Now, reload the page repeatedly as fast as you can. After about the 5th or 10th reload, you should start encountering problems. With Firefox, I don’t see any errors in the console, but Firefox does eventually render a “Network protocol error” page. When I try it with Chromium and Gnome Web browsers, I see the following error in the console:

Error output

[info] Sent 500 in 1010ms
[error] ** (Bandit.TransportError) Client reset stream normally
    (bandit 1.6.1) lib/bandit/http2/stream.ex:386: Bandit.HTTPTransport.Bandit.HTTP2.Stream.do_recv_rst_stream!/2
    (bandit 1.6.1) lib/bandit/adapter.ex:230: Bandit.Adapter.send_data/3
    (bandit 1.6.1) lib/bandit/adapter.ex:113: Bandit.Adapter.send_resp/4
    (plug 1.16.1) lib/plug/conn.ex:444: Plug.Conn.send_resp/1
    (hello 0.1.0) lib/hello_web/controllers/page_controller.ex:1: HelloWeb.PageController.action/2
    (hello 0.1.0) lib/hello_web/controllers/page_controller.ex:1: HelloWeb.PageController.phoenix_controller_pipeline/2
    (phoenix 1.7.18) lib/phoenix/router.ex:484: Phoenix.Router.__call__/5
    (hello 0.1.0) lib/hello_web/endpoint.ex:1: HelloWeb.Endpoint.plug_builder_call/2
    (hello 0.1.0) deps/plug/lib/plug/debugger.ex:136: HelloWeb.Endpoint."call (overridable 3)"/2
    (hello 0.1.0) lib/hello_web/endpoint.ex:1: HelloWeb.Endpoint.call/2
    (phoenix 1.7.18) lib/phoenix/endpoint/sync_code_reload_plug.ex:22: Phoenix.Endpoint.SyncCodeReloadPlug.do_call/4
    (bandit 1.6.1) lib/bandit/pipeline.ex:127: Bandit.Pipeline.call_plug!/2
    (bandit 1.6.1) lib/bandit/pipeline.ex:36: Bandit.Pipeline.run/4
    (bandit 1.6.1) lib/bandit/http2/stream_process.ex:27: Bandit.HTTP2.StreamProcess.handle_continue/2
    (stdlib 6.1.2) gen_server.erl:2335: :gen_server.try_handle_continue/3
    (stdlib 6.1.2) gen_server.erl:2244: :gen_server.loop/7
    (stdlib 6.1.2) proc_lib.erl:329: :proc_lib.init_p_do_apply/3

Error screenshots

The forum won’t let me upload pictures, so I’ve uploaded screenshots of the error pages to Imgur.

Firefox | Chromium

8. Test with the HTTP scheme

Now visit http://localhost:4000.

Reload page repeatedly as fast as you can.

No matter how long or how fast I reload the browser, I get no errors.

Incidentals

Since it’s running in a Docker container, I’m not sure that it matters what OS I’m using, but in case it does, I’m on Debian Bookworm.

Marked As Solved

Cat

Cat

The issue I was encountering has seemingly disappeared after Bandit bumped the version of its dependency, hpax to 1.0.2 yesterday

Where Next?

Popular in Questions Top

JeremM34
Hello, how can I check the Phoenix version ? Thanks !
New
earth10
Hi, I’m just starting to build a side-project with Elixir and Phoenix and doing some basic test with Elixir alone. What strikes me is th...
New
JulienCorb
I am trying to implement my new.html.eex file to create new posts on my website. new.html.eex: <h1>Create Post</h1> <%= ...
New
jaysoifer
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)? Would mix ecto.rollback -v 200809061...
New
jay1
Why is it that the mnesia database isn’t the most preferred database for use in Elixir/Phoenix?
New
freewebwithme
Using vs code and installed ElixirLS: support and debugger. And I got an error popped up on start up says Failed to run ‘elixir’ comma...
New
srinivasu
How to handle excepions in elixir? Suppose i have A, B, C ,D, E modules. and each module has get() function. A.get() method will call t...
New
nobody
Hi! In PHP: $_SERVER[‘SERVER_ADDR’] - in Elixir? Searched the docs for ip address and the web, no good results. Thanks!
New
chensan
I have a User schema with a :from_id field set to type :string: defmodule TweetBot.Repo.Migrations.CreateUsers do use Ecto.Migration ...
New
Brian
What is the proper way to load a module from a file in to IEX? In the python world, doing something like this pretty standard: from ....
New

Other popular topics Top

albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
lessless
I believe there are people here who are dealing with CSV files import on the daily basis, and since Excel is a really popular tool there ...
New
vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New
stefanluptak
Hello everybody, usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
nsuchy
Hi. I’ve noticed that Windows Powershell has it’s own IEX command and you cannot access Elixir’s IEX due to the conflict. This isn’t a cr...
New
axelson
This post is a wiki (feel free to hit the edit button near the bottom right of this post to add your own changes!) This post collects co...
239 47930 226
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New

We're in Beta

About us Mission Statement