The error is quite self explanatory. A very broken web server and it is not secure to generally accept answers malformed in this manner.
The fix to this problem is to speak to the people running the web server and have the web server fixed.
Regards Henrik
On Thu, 24 Feb 2005, Donati Herve wrote:
Hi Henrik,
First of all, excuse my English...
Since we applied STABLE7 patches (we're now in STABLE9) some requests are no more satisfied by squid.
As an example, this address
http://boutique.mfe.org/downloads.asp?ref_commande=CMD-9379-20570&id_produit=206
In cache.log, I got :
2005/02/24 16:48:57| ctx: exit level 0
2005/02/24 16:48:57| urlParse: Illegal character in hostname '%3cbr%20'
2005/02/24 16:51:56| ctx: enter level 0: 'http://boutique.mfe.org/downloads.asp?ref_commande=CMD-9379-20570&id_produit=206'
2005/02/24 16:51:56| WARNING: found two conflicting content-length headers in {Server: Microsoft-IIS/5.0
Date: Thu, 24 Feb 2005 15:53:58 GMT
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Disposition: attachment; filename=MAR_2004.pdf
Content-Length: 322465
Connection: Keep-Alive
Content-Length: 322466
Content-Type: application/octet-stream
Cache-control: private
}
with 2 content-lengths slightly differents but it's sufficient.
And it occured on other sites. Our security administrator asks us to get the latest versions of squid and now that we have several requests of unsatisfied users with this problem, he asks himself if we might not return to an old version...
Isn't it possible to have a directive in config file to perform or not header controls ?
