Hi,
One of my users is getting an error message when accessing a page
through Squid but the page loads fine in Firefox, IE & Netscape
directly.
The headers that the HTTP server is returning look odd to me.
First, the Date: field has two dates on the same line, comma separated.
Same thing for th
Hi,
Mark Wiater wrote:
Hi,
One of my users is getting an error message when accessing a page
through Squid but the page loads fine in Firefox, IE & Netscape
directly.
The headers that the HTTP server is returning look odd to me.
First, the Date: field has two dates on the same line, comma separat
On Tue, 2005-03-08 at 10:42 +1300, Reuben Farrelly wrote:
> If it has a malformed Date, Server and Connection header, then it is
> very very broken, and likely makes no sense to squid. It probably makes
> no sense to your browser either, but it likely just ignores it. You're
> really asking "w
On Mon, 7 Mar 2005, Mark Wiater wrote:
What version of squid are you using? (squid -v)
2.5 stable8, it's an rpm package for Fedora Core 3.
squid-2.5.STABLE8-1.FC3.1
Upgrading to 2.5.STABLE9 helps some as the parser was relaxed a bit more
there by default, but no guarantees as the server you asked
On Tue, 8 Mar 2005, Henrik Nordstrom wrote:
On Mon, 7 Mar 2005, Mark Wiater wrote:
What version of squid are you using? (squid -v)
2.5 stable8, it's an rpm package for Fedora Core 3.
squid-2.5.STABLE8-1.FC3.1
Upgrading to 2.5.STABLE9 helps some as the parser was relaxed a bit more
there by defaul
Hi,
Henrik Nordstrom wrote:
On Tue, 8 Mar 2005, Henrik Nordstrom wrote:
On Mon, 7 Mar 2005, Mark Wiater wrote:
What version of squid are you using? (squid -v)
2.5 stable8, it's an rpm package for Fedora Core 3.
squid-2.5.STABLE8-1.FC3.1
Upgrading to 2.5.STABLE9 helps some as the parser was relaxe
On Tue, 2005-03-08 at 13:17 +1300, Reuben Farrelly wrote:
> I'll put a request in Fedora Core bugzilla, for the maintainer to
> upgrade the package to -STABLE9..
>
> reuben
Wow. thanks.
So this is safe? Has anyone looked into the security aspects of very
badly implemented HTTP Headers (and the
On Tue, 8 Mar 2005, Mark Wiater wrote:
So this is safe? Has anyone looked into the security aspects of very
badly implemented HTTP Headers (and their Servers)?
I have tried to analyze the impacts of each workaround implemented, but
recommends "relaxed_header_parser off" for the security minded eve
