Drupal and OVH: Incorrect Content-Length Header Breaks HTTP/2 with net::ERR_HTTP2_PROTOCOL_ERROR

Overview

HTTP/2 introduces a more strict and efficient protocol for transferring data between clients and servers. While it improves performance through multiplexing and header compression, it also enforces tighter validation rules than HTTP/1.1. One common configuration issue that surfaces under HTTP/2 is an incorrect Content-Length header, which can result in browser errors such as: net::ERR_HTTP2_PROTOCOL_ERROR

This issue has been observed in real-world deployments, including shared and managed hosting environments such as OVH, but it is not limited to a single provider.

Where the Problem Occurs

In practice, this error frequently appears on:

• OVH hosting environments with HTTP/2 enabled by default
• Platforms running recent versions of Drupal, where responses are modified dynamically
• Shared or managed hosting setups where the web server configuration is partially abstracted from the user

It is important to note that this is not an OVH-specific bug. Any hosting provider using Apache with HTTP/2 and aggressive response processing can expose the same issue. Newer Drupal versions, due to their use of middleware, output buffering, compression, and security headers, make such misconfigurations more visible.

The Root Cause

The Content-Length header specifies the exact size of the response body. Under HTTP/2, this value must strictly match the actual payload sent to the client.

Problems arise when:

• Content-Length is set manually in configuration or application code
• The response body is altered after headers are generated (compression, buffering, subscribers, filters)
• Multiple layers (Drupal, PHP, Apache modules) attempt to manage the same header

While HTTP/1.1 often tolerates such inconsistencies, HTTP/2 does not. Any mismatch results in a protocol violation and causes the browser to terminate the connection.

The Correct Solution

The recommended and safest approach is to remove the Content-Length header entirely and let Apache calculate it automatically.

This can be done using the mod_headers module in the .htaccess file.

Fixed .htaccess Configuration

# Various header fixes.
<IfModule mod_headers.c>
  Header onsuccess unset X-Content-Type-Options
  Header always set X-Content-Type-Options nosniff

  # Prevent invalid Content-Length under HTTP/2
  Header always unset Content-Length

  RequestHeader unset Proxy
</IfModule>

Why This Works

By unsetting Content-Length:

• Apache determines the correct response size
• Dynamically generated and compressed responses remain valid
• HTTP/2 protocol requirements are respected
• Browser-side ERR_HTTP2_PROTOCOL_ERROR issues are resolved

Conclusion

The net::ERR_HTTP2_PROTOCOL_ERROR caused by an incorrect Content-Length header is a server-level configuration problem that becomes visible under HTTP/2. It commonly appears on OVH hosting but can affect any environment running modern Apache configurations and recent Drupal versions.

Removing the header and delegating its management to the web server is a clean, standards-compliant solution that prevents subtle and hard-to-diagnose production issues.