Azure-functions-host: AzureFunctions Proxy x-ms-privatelink-id causing invalid header value check

Created on 7 May 2020  路  4Comments  路  Source: Azure/azure-functions-host

When function is routed through Azure Functions Proxy, a x-ms-privatelink-id header value is added.

This header value has invalid characters

"x-ms-privatelink-id":"\n\nrequest-id\u00123|50e85f514b894e43945890308a5081ab.029e71f938874c4d."

Which fails "fetch-node" 's Headers validation check.

Investigative information

Please provide the following:

  • Timestamp:
  • Function App version:
  • Function App name:
  • Function name(s) (as appropriate):
  • Invocation ID:
  • Region:

Repro steps

Provide the steps required to reproduce the problem:

````
import { AzureFunction, Context, HttpRequest } from "@azure/functions"
import { Headers } from "node-fetch"

const httpTrigger: AzureFunction = async function (context: Context, req: HttpRequest): Promise {
context.log('HTTP trigger function processed a request.');

context.log( JSON.stringify(req.headers) );

let h = new Headers(req.headers);

context.log( JSON.stringify(h) );

const name = (req.query.name || (req.body && req.body.name));
const responseMessage = name
    ? "Hello, " + name + ". This HTTP triggered function executed successfully."
    : "This HTTP triggered function executed successfully. Pass a name in the query string or in the request body for a personalized response.";

context.res = {
    // status: 200, /* Defaults to 200 */
    body: responseMessage
};

};

export default httpTrigger;
````

Expected behavior

Provide a description of the expected behavior.

When function is called directly - no issues.
When function is called through an AzureFunctions proxy - no issues.

Actual behavior

Provide a description of the actual behavior observed.

When function is called through an AzureFunctions proxy - fails with

2020-05-07T08:25:32.807 [Information] {"accept":"/","accept-encoding":"gzip","cache-control":"no-cache","connection":"Keep-Alive","content-length":"0",
...
,"x-ms-privatelink-id":"\n\nrequest-id\u00123|50e85f514b894e43945890308a5081ab.029e71f938874c4d.","traceparent":"00-50e85f514b894e43945890308a5081ab-029e71f938874c4d-00","x-arr-ssl":"2048|256|C=US, S=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT TLS CA 5|CN=*.azurewebsites.net","x-appservice-proto":"https"}
2020-05-07T08:25:33.293 [Error] Executed 'Functions.testRedirect' (Failed, Id=a704c0e8-ad73-4878-89ac-df4e67de962d)
Result: Failure
Exception: TypeError:

request-id3|50e85f514b894e43945890308a5081ab.029e71f938874c4d. is not a legal HTTP header value
Stack: TypeError:

request-id3|50e85f514b894e43945890308a5081ab.029e71f938874c4d. is not a legal HTTP header value
at validateValue (D:\home\site\wwwroot\node_modules\node-fetch\lib\index.js:677:9)
at Headers.append (D:\home\site\wwwroot\node_modules\node-fetch\lib\index.js:829:3)
at new Headers (D:\home\site\wwwroot\node_modules\node-fetch\lib\index.js:754:11)
at Object. (D:\home\site\wwwroot\dist\testRedirect\index.js:17:17)
at Generator.next ()
at D:\home\site\wwwroot\dist\testRedirect\index.js:8:71
at new Promise ()
at __awaiter (D:\home\site\wwwroot\dist\testRedirect\index.js:4:12)
at Object.httpTrigger [as default] (D:\home\site\wwwroot\dist\testRedirect\index.js:14:12)
at D:\Program Files (x86)\SiteExtensions\Functions2.0.13351\workers\node\worker-bundle.js:18808:26

Known workarounds

Provide a description of any known workarounds.

Don't use Node-Fetch? But this is a depedency of ApolloServer for AzureFunctions that I can't remove.

Related information

Provide any related information

This appears to be a most recent bug that started happening on 2020-05-06

Tried to remove x-ms-privatelink-id in AzureFunctions Proxy config, but it comes back regardless.

picture johnnliu
👍2

Most helpful comment

My current workaround in the function handler

previous
export default server.createHandler();

workaround

````
const graphqlHandler = server.createHandler();

export default (context: Context, req: HttpRequest) => {

// https://github.com/Azure/azure-functions-host/issues/6013
req.headers['x-ms-privatelink-id'] = '';

return graphqlHandler(context, req);

}
````

picture johnnliu on 8 May 2020
👍2

All 4 comments

I started to have similar issues with my Azure Function App on 2020-05-06. I don't have a proxy or any custom networking configurations. I started to get "POST missing body" (from ApolloServer) in my app. I added some logging and noticed that for some reason x-ms-privatelink-id is eating the body pretty often.

I also tried to send test requests via Azure Portal. I set the request body to an JSON object { "someProperty" : "this is really buggy" } and this is what I get in my headers: "x-ms-privatelink-id":"\\n+{ \\"someProperty\\" : \\"this is really buggy\\" }" ... and the actual request body is empty.

My app is basically broken, because this happens to the most of the requests.

niklas-e picture niklas-e on 7 May 2020
👍1

My current workaround in the function handler

previous
export default server.createHandler();

workaround

````
const graphqlHandler = server.createHandler();

export default (context: Context, req: HttpRequest) => {

// https://github.com/Azure/azure-functions-host/issues/6013
req.headers['x-ms-privatelink-id'] = '';

return graphqlHandler(context, req);

}
````

johnnliu picture johnnliu on 8 May 2020
👍2

Any word on when this will be fixed? I have a number of production functions that I'm now worried are going to break out of the blue.

lworkman picture lworkman on 13 May 2020
👍1

I'm also seeing these symptoms in my functionapp, but my setup is different. I'm logging all headers for debugging purposes and it appears that something is always getting eaten by the x-ms-privatelink-id header. Most of the time it appears to be a header value:

x-ms-privatelink-id: x-original-urlN/api/submitscore?code=9ahPno8YlBBeMUxE41Sq1lFyNlA8muAdzwUPHm4qI5wdsVJOKuJQ8w==

But sometimes, it eats the body, which results in a fatal error in my application since the body then is returned as null in the request object. The x-ms-privatelink-id header looks like this when that happens:

x-ms-privatelink-id: 9{"score":0,"env":"Demo","gameMode":"Demo","version":"1"}

Does anyone know a workaround? This appears to only be occurring in production. Tried both v2 and v3 runtimes.

Chaosed0 picture Chaosed0 on 17 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

christopheranderson picture christopheranderson  路  4Comments
ladeak picture ladeak  路  3Comments
krillehbg picture krillehbg  路  3Comments
horihiro picture horihiro  路  3Comments
shibayan picture shibayan  路  3Comments