Re: [squid-users] Strange HTTP Header causing error message from squid to user

From: Henrik Nordstrom <[email protected]>
Date: Tue, 8 Mar 2005 18:34:30 +0100 (CET)

On Tue, 8 Mar 2005, Mark Wiater wrote:

> So this is safe? Has anyone looked into the security aspects of very
> badly implemented HTTP Headers (and their Servers)?

I have tried to analyze the impacts of each workaround implemented, but
recommends "relaxed_header_parser off" for the security minded even if
this makes a large number of web sites inaccessible, especially so if you
are in a cache hierarchy with other proxy brands or versions.

Regards
Henrik
Received on Tue Mar 08 2005 - 10:34:33 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST