------------------------------------------------------------
revno: 13193
revision-id: squid3@treenet.co.nz-20141203120659-lhoj8dlyfiofzs2n
parent: squid3@treenet.co.nz-20141203120113-hcx43ty5grkbd268
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.4
timestamp: Wed 2014-12-03 04:06:59 -0800
message:
  Alternate-Protocol is a hop-by-hop header
  
  Google are pushing Alternate-Protocol header to arbitrarily move clients
  from HTTP to their experimental and proprietary protocols.
  
  When relayed through a proxy this can cause traffic bifurcation with
  side effects ranging from client visible failures, to traffic increase
  on the network as proxy caching is bypassed, to security vulnerabilities
  or privacy information leaks over the experimental protocol.
  
  By treating the Alternate-Protocol header as a hop-by-hop header only
  relevant on client->origin connections we can both prevent the above
  issues occuring on networks utilizing a proxy, and also participate in
  the protocol exprimentation process ourselves.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20141203120659-lhoj8dlyfiofzs2n
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# testament_sha1: 00f00f8fef0d1739f062490b204b5a3a9874125a
# timestamp: 2014-12-03 12:08:57 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
# base_revision_id: squid3@treenet.co.nz-20141203120113-\
#   hcx43ty5grkbd268
# 
# Begin patch
=== modified file 'src/HttpHeader.cc'
--- src/HttpHeader.cc	2014-01-22 03:18:56 +0000
+++ src/HttpHeader.cc	2014-12-03 12:06:59 +0000
@@ -87,6 +87,7 @@
     {"Accept-Ranges", HDR_ACCEPT_RANGES, ftStr},
     {"Age", HDR_AGE, ftInt},
     {"Allow", HDR_ALLOW, ftStr},
+    {"Alternate-Protocol", HDR_ALTERNATE_PROTOCOL, ftStr},
     {"Authorization", HDR_AUTHORIZATION, ftStr},	/* for now */
     {"Cache-Control", HDR_CACHE_CONTROL, ftPCc},
     {"Connection", HDR_CONNECTION, ftStr},
@@ -266,6 +267,7 @@
 
 static HttpHeaderMask HopByHopHeadersMask;
 static http_hdr_type HopByHopHeadersArr[] = {
+    HDR_ALTERNATE_PROTOCOL,
     HDR_CONNECTION, HDR_HTTP2_SETTINGS, HDR_KEEP_ALIVE, /*HDR_PROXY_AUTHENTICATE,*/ HDR_PROXY_AUTHORIZATION,
     HDR_TE, HDR_TRAILER, HDR_TRANSFER_ENCODING, HDR_UPGRADE, HDR_PROXY_CONNECTION
 };

=== modified file 'src/HttpHeader.h'
--- src/HttpHeader.h	2013-08-08 06:08:37 +0000
+++ src/HttpHeader.h	2014-12-03 12:06:59 +0000
@@ -57,6 +57,7 @@
     HDR_ACCEPT_RANGES,                  /**< RFC 2608, 2616 */
     HDR_AGE,                            /**< RFC 2608, 2616 */
     HDR_ALLOW,                          /**< RFC 2608, 2616 */
+    HDR_ALTERNATE_PROTOCOL,             /**< GFE custom header we may have to erase */
     /*HDR_ALTERNATES,*/                 /* deprecated RFC 2068, 2295 */
     HDR_AUTHORIZATION,                  /**< RFC 2608, 2616, 4559 */
     HDR_CACHE_CONTROL,                  /**< RFC 2608, 2616 */