Re: [squid-users] Squid as an accelerator for Apache -- security question

From: Brian <hiryuu@dont-contact.us>
Date: Fri, 21 Jun 2002 15:19:44 -0400

Squid is only a 1.0 proxy and chunked encoding is a 1.1 feature, so it
should, yes.

On Friday 21 June 2002 03:12 pm, Erik Lotspeich wrote:
> Hi,
>
> I'm sure that you all have read the recent announcement about Apache:
>
> http://www.cert.org/advisories/CA-2002-17.html
>
> My question is that if you run Squid as an HTTPD accelerator for Apache,
> will it, in essence, shield the user from the invalid chunked-encoding
> request that Apache is vulnerable to? Or will it proxy that request on
> to Apache?
>
> If my question is ignorant, then I apologize. ;)
>
> Thanks,
>
> Erik.
Received on Fri Jun 21 2002 - 13:19:48 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:45 MST