I'm sure it wasn't malicious. That tool was put up in 2003. At some
point in the past 10 years he probably put a reverse proxy in front of
his site. Maybe you should email him and tell him he's broken his header
tool.
On 10/09/2013 03:55 PM, merc1984@xxxxxx wrote:
Didn't miss his point and I understand exactly what he said.
My question is what possible motive could ericgiguere have for
misrepresenting headers, on a header query site?
It just doesn't make sense.
On Wed, Oct 9, 2013, at 12:05, Will Roberts wrote:
I think you missed Alex's point.
That page itself sits behind a reverse proxy that adds X-Forwarded-For.
So using that for your testing isn't going to help.
On 10/09/2013 03:01 PM, merc1984@xxxxxx wrote:
Well for Heaven's sake.
What motivation could he possibly have for dinking with teh headers?
On Wed, Oct 9, 2013, at 11:08, Alex Rousskov wrote:
On 10/09/2013 10:15 AM, merc1984@xxxxxx wrote:
Looks like turning off x-forwarded-for, has been disabled now. Nothing
works.
To see what I'm talking about, go to
http://www.ericgiguere.com/tools/http-header-viewer.html
The above web page hosts a script that cannot be used as intended
because it sits behind a server that adds X-Forwarded-For and alters
some other HTTP headers.
Try testing with something more reliable, like taking a packet capture
and looking at the actual HTTP requests sent by Squid.
HTH,
Alex.