これが原因かも
(原文まんまコピペ)

CAN-2005-2088 (cve.mitre.org)
core: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length.
proxy_http: Correctly handle the Transfer-Encoding and Content-Length request headers. Discard the request Content-Length whenever chunked T-E is used, always passing one of either C-L or T-E chunked whenever the request includes a request body.
Unassigned
proxy_http: If a response contains both Transfer-Encoding and a Content-Length, remove the Content-Length and don't reuse the connection.