david micheneau wrote:
I’ve a trouble with the chunk mode connection pass through a proxy.
It seems that the content-length is not forwarded when you use chunk
mode via a proxy mode: CHANGE-LOG in :
Uhmmm... most of the time it was never there...
*) SECURITY: CAN-2005-2088 (cve.mitre.org)
proxy: Correctly handle the Transfer-Encoding and Content-Length
headers. *Discard the request Content-Length whenever T-E: chunked*
is used, always passing one of either C-L or T-E: chunked whenever
the request includes a request body. Resolves an entire class of
proxy HTTP Request Splitting/Spoofing attacks. [William Rowe]
But now, how we treat a http request, if we don’t know the content
length via proxy mode ?
Transfer-Encoding: chunked.
All HTTP/1.1 servers and clients are required to support that method.
And HTTP/1.1 servers and clients are required to ignore any
Content-Length: header if Transfer-Encoding: chunked is present.
May be a noob question but: Why Apache doesn’t calculate the
content-length himself before to send via the proxy handler ?
It will, for HTTP/1.0 servers.
Care to provide details of a specific problem you are observing?
Bill
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
