Search squid archive

Re: x-forwarded-for Fail

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
> All such online header tools are really only delivering a report of the 
> headers which reached them. None of them have ever displayed "The 
> Truth"(tm). The internals of the browser itself contains a set of layers 
> doing header additions and changes. The same is (supposed to be) true of 
> every extra layer of software proxies across the network.

I just can't believe that someone would just keep a lying tool up. 
Maybe I'll send him an email.


> This case is a great example of how no matter what header manipulation 
> you do in your own proxy it cannot change what others are doing to the 
> traffic elsewhere. The CDN he uses adding its own X-Forwarded-* headers. 
> Your own upstream provider might add the X-Forwarded-For header adding 
> details about you. Every proxy along the way removes existing hop-by-hop 
> headers and adds new ones.

Crumcast shouldn't be manipulating my HTML headers;  that would cost too
much.


> One interesting case here is that if you add X-Forwarded-For on your 
> requests, does that value show up at his end?

I did try setting it to 127.0.0.1, but it didn't fool him.

Interestingly I run NoScript and have all scripting turned off for his
site, yet he still comes up with my IP.  Hm, maybe Crumcast is narcking
me out.


-- 
http://www.fastmail.fm - One of many happy users:
  http://www.fastmail.fm/help/overview_quotes.html





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux