I'm using apache2.2 as shipped with Debian/etch and have the following
in my config:

   ProxyRequests Off
   <Proxy *>
       Order deny,allow
       Allow from all
   </Proxy>

   ProxyPass / http://localhost:40404/
   ProxyPassReverse / http://localhost:40404/

Thanks for the help. I just realized that I am using mod-auth-security on my apache2 server and it appears the following line in my apache2.conf is the problem:

# Prevent XSS atacks (HTML/Javascript injection)
SecFilter "<(.|n)+>"

After commenting out this filter, it all seems to work now.

Thanks.