david micheneau wrote:
I’ve a trouble with the chunk mode connection pass through a proxy.It seems that the content-length is not forwarded when you use chunk mode via a proxy mode: CHANGE-LOG in :
Uhmmm... most of the time it was never there...
*) SECURITY: CAN-2005-2088 (cve.mitre.org) proxy: Correctly handle the Transfer-Encoding and Content-Length headers. *Discard the request Content-Length whenever T-E: chunked*is used, always passing one of either C-L or T-E: chunked whenever the request includes a request body. Resolves an entire class ofproxy HTTP Request Splitting/Spoofing attacks. [William Rowe]But now, how we treat a http request, if we don’t know the content length via proxy mode ?
Transfer-Encoding: chunked. All HTTP/1.1 servers and clients are required to support that method. And HTTP/1.1 servers and clients are required to ignore any Content-Length: header if Transfer-Encoding: chunked is present.
May be a noob question but: Why Apache doesn’t calculate the content-length himself before to send via the proxy handler ?
It will, for HTTP/1.0 servers. Care to provide details of a specific problem you are observing? Bill --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|