[BUG-228850] HTTP requests to known-working external URLs always fail with HTTP response 499 #6836
Comments
|
animats commented at 2020-06-01T02:02:23Z Also seeing this. Results vary with the domain: http://animats.dreamhosters.com - OK (301, moved permanently to the HTTPS url) https://animats.dreamhosters.com - error 499 Probable cause: one root cert of Usertrust expired May 30th. Ref:
"The short answer is the overwhelming majority of people will not experience any problems when the AddTrust root expires in May. The AddTrust cross-signing was originally done to account for older devices that did not include the USERTrust root. If the USERTrust root is present (as it is in 100% of modern browsers, operating systems, and mobile devices), the software will simply choose a trust path that leads to USERTrust and ignores AddTrust. Due to the USERTrust root’s ubiquity, only a vanishingly small number of legacy devices can be expected to experience trust issues when AddTrust expires." |
|
Lou Netizen commented at 2020-06-01T06:33:51Z I don't have any special insight into how regions manage HTTP connections, but it is unclear how the expiry of the AddTrust root certificate could:
|
|
animats commented at 2020-06-01T06:48:53Z See also BUG-228848. Do you have a non-HTTP URL that fails? Does it redirect to an HTTPS URL?
|
|
Lou Netizen commented at 2020-06-01T21:02:12Z, updated at 2020-06-01T22:16:06Z http://lounetizen.com/api/simple-echo/ was failing last night and still seems to be failing tonight, since its log has no new entries and I left a script pinging it every five minutes. It just returns "ok" whether accessed via HTTP or HTTPS. It does not redirect to HTTPS. All other endpoints on that site currently use HTTPS. Some are functioning normally from a wide variety of regions with a wide variety of object owners; other are failing from a similarly-wide variety of regions and owners. |
|
animats commented at 2020-06-01T22:32:39Z I tried that, and your server just returns "ok", with a status of 200. That's normal. |
|
Lou Netizen commented at 2020-06-01T22:40:55Z I agree getting status 200 and "ok" is the expected behaviour there. However, the script I left running inworld still apparently cannot reach it (or, at least, no accesses are being logged) and it's still reporting 499s every five minutes to another service which is still working. I'll see if I can get inworld tonight and check on it. |
|
Whirly Fizzle commented at 2020-06-02T10:35:01Z Looks likely a fix is coming on Tusday - see this post: https://community.secondlife.com/forums/topic/455707-deploy-plan-for-the-week-of-2020-06-01/ |
What just happened?
Using llHTTPRequest() to connect to several endpoints in my domain now returns response code 499 for every request. Endpoints are accurate and functioning; most of these endpoints have been in use for several years, and started returning 499 errors the week of 25 May 2020.
As an example, this URL:
https://lounetizen.com/api/book/cover/?isbn=0140267972
Should returning some parsable plaintext information about the book "Desert Places" by Robyn Davidson. And, outside SL, it does just that. Requested from an LSL script, it returns error 499. That endpoint supports a product that has been available for three years.
Status 499 is returned with either HTTP or HTTPS versions of the URL.
Numerous other (but apparently not all) endpoints in my domain also return 499 errors in all cases. None of the endpoints returning 499s are high traffic. The issue can be reproduced on regions I have never previously visited, so it cannot be HTTP throttling.
What were you doing when it happened?
I received a report from a user of one of my products that it had stopped working. So I started checking others.
What were you expecting to happen instead?
I was expecting requests to my domain from llHTTPRequest to be honoured as they have been previously.
Other information
This issue breaks existing content.
Sample object available on request.
Links
Related
Duplicates
Original Jira Fields
The text was updated successfully, but these errors were encountered: