Netlify proxy are not consistant over time

Hello,

We are fighting since 3 days massive error on our redirect.
It’s appear that Netlify proxy server are not having the same behaviours creating random bugs that are horrible for us.

Here my _netlify.toml file :

[[redirects]]
  from = "/*"
  to = "/fr/:splat?utm_source=:utm_source&utm_medium=:utm_medium&utm_campaign=:utm_campaign&utm_content=:utm_content"
  query = {utm_source = ":utm_source", utm_medium= ":utm_medium", utm_campaign = ":utm_campaign", utm_content= ":utm_content"}
  status = 301

[[redirects]]
  from = "/*"
  to = "/fr/:splat"
  status = 301

And here two curl run in 1 second :

admin@ubuntu ~> curl -v "https://cms.luko.eu?utm_source=234&utm_content=2344a&utm_medium=123&utm_campaign=244"
*   Trying 157.230.120.63:443...
* TCP_NODELAY set
* Connected to cms.luko.eu (157.230.120.63) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=cms.luko.eu
*  start date: Jul  8 20:52:38 2020 GMT
*  expire date: Oct  6 20:52:38 2020 GMT
*  subjectAltName: host "cms.luko.eu" matched cert's "cms.luko.eu"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x563bc2631db0)
> GET /?utm_source=234&utm_content=2344a&utm_medium=123&utm_campaign=244 HTTP/2
> Host: cms.luko.eu
> user-agent: curl/7.68.0
> accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 150)!
< HTTP/2 301 
< content-length: 85
< content-type: text/plain; charset=utf-8
< date: Thu, 23 Jul 2020 17:52:16 GMT
< location: /fr/?utm_source=234&utm_medium=123&utm_campaign=244&utm_content=2344a
< x-xss-protection: 1; mode=block
< age: 0
< server: Netlify
< cache-control: max-age=0,no-cache,no-store,must-revalidate
< x-nf-request-id: 0689fd62-cfba-4034-889c-dc915105323e-6083843
< 
Redirecting to /fr/?utm_source=234&utm_medium=123&utm_campaign=244&utm_content=2344a
* Connection #0 to host cms.luko.eu left intact


admin@ubuntu ~> curl -v "https://cms.luko.eu?utm_source=234&utm_content=2344a&utm_medium=123&utm_campaign=244"
*   Trying 165.22.65.139:443...
* TCP_NODELAY set
* Connected to cms.luko.eu (165.22.65.139) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=cms.luko.eu
*  start date: Jul  8 20:52:38 2020 GMT
*  expire date: Oct  6 20:52:38 2020 GMT
*  subjectAltName: host "cms.luko.eu" matched cert's "cms.luko.eu"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5596e4799db0)
> GET /?utm_source=234&utm_content=2344a&utm_medium=123&utm_campaign=244 HTTP/2
> Host: cms.luko.eu
> user-agent: curl/7.68.0
> accept: */*
> 
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 150)!
< HTTP/2 301 
< content-type: text/plain
< location: /fr/
< date: Thu, 23 Jul 2020 17:39:56 GMT
< content-length: 20
< age: 741
< server: Netlify
< x-nf-request-id: c0743e95-7b63-4b1a-b0bc-b4e28316c67d-3993965
< 
Redirecting to /fr/
* Connection #0 to host cms.luko.eu left intact

Hey @devLuko,
Sorry to hear you’re running into this :frowning: We tried to run some tests against these routes but found that they return 200s, so no longer redirect using the query parameters. Would you be willing to deploy a branch of your repo with the netlify.toml you shared? It wouldn’t have to be part of your production site that your users might run into. That would let us test against your routes and get a better understanding of what’s happening.