On Tue, 8 Feb 2005, Paul Fiero wrote:
I brought this up only because of a query by my peers asking about the possibility of people using gzipped HTML pages as a delivery vector for virii.
Any decent virus scanner should be able to scan gzipped HTML pages for malicious code just as it can scan plain-text HTML pages. If your virus scanner can not then you should look at using another virus scanner, not blocking gzip compressed HTML in general.
My concern with this is that we would very likely end up blocking more legitimate pages than we would protect ourselves against.
Fully agreed. Several major web sites is using gzip compression to save bandwidth.
Regards Henrik
