On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote: > All such online header tools are really only delivering a report of the > headers which reached them. None of them have ever displayed "The > Truth"(tm). The internals of the browser itself contains a set of layers > doing header additions and changes. The same is (supposed to be) true of > every extra layer of software proxies across the network. I just can't believe that someone would just keep a lying tool up. Maybe I'll send him an email. > This case is a great example of how no matter what header manipulation > you do in your own proxy it cannot change what others are doing to the > traffic elsewhere. The CDN he uses adding its own X-Forwarded-* headers. > Your own upstream provider might add the X-Forwarded-For header adding > details about you. Every proxy along the way removes existing hop-by-hop > headers and adds new ones. Crumcast shouldn't be manipulating my HTML headers; that would cost too much. > One interesting case here is that if you add X-Forwarded-For on your > requests, does that value show up at his end? I did try setting it to 127.0.0.1, but it didn't fool him. Interestingly I run NoScript and have all scripting turned off for his site, yet he still comes up with my IP. Hm, maybe Crumcast is narcking me out. -- http://www.fastmail.fm - One of many happy users: http://www.fastmail.fm/help/overview_quotes.html
