On Feb 21, 8:41pm, Henrik Nordstrom wrote:
> On Thursday 21 February 2002 15:22, Allen Smith wrote:
>
> > The only good news here is that implementors of mail servers (Sam?
> > Are you listening?) and NNTP news servers (and any/all other sorts
> > of servers that typically expect text lines as input) can easily
> > defeat this ploy by checking to see if the very first ``command''
> > that is received after the connection is established is either
> > `POST' or `PUT'.
>
> Well.. actually the HTTP specification says that mostly any method
> can have a request entity with a few exceptions. The HTTP/1.1
> specification is rather clear on this.
>
> Squid is a little anal in what requests it accept request entities
> on, for good and bad.
Good, I'd say, personally, since I really doubt the returns from request
entities other than those should be cached... going through a proxy on such
odd requests is not the best idea IMO. (This is, of course, also a problem
with transparent proxying...)
> What servers can reliably detect HTTP proxyied requests from is the
> HTTP signature. The first request line ends in [space]HTTP/x.y
Good point; thank you.
-Allen
-- Allen Smith http://cesario.rutgers.edu/easmith/ September 11, 2001 A Day That Shall Live In Infamy II "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin FranklinReceived on Sun Feb 24 2002 - 09:52:37 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:31 MST