HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.


All times are UTC + 2 hours [ DST ]




Post new topic Reply to topic  [ 5 posts ] 
Author Message
PostPosted: 06 May 2006 19:05 
HAVP is modifying HTTP-Headers, which should be at least configureable for those who do not want this.

HAVP always sets "Via: 1.0 HAVP" and additionally if those header-values
appear it sets "Connection: close" or "Connection: Keep-Alive" where it
doesn't take care of upper and lower case of the original header values.

Bye,
John


Top
  
 
PostPosted: 06 May 2006 22:13 
Offline
HAVP Developer

Joined: 27 Feb 2006 18:12
Posts: 687
Location: Finland
Anonymous wrote:
HAVP is modifying HTTP-Headers, which should be at least configureable for those who do not want this.

HAVP always sets "Via: 1.0 HAVP" and additionally if those header-values
appear it sets "Connection: close" or "Connection: Keep-Alive" where it
doesn't take care of upper and lower case of the original header values.


Via-header has nothing to do with Connection-header. But sure, next version shall have atleast configurable Via and X-Forward-For. Via is required in any case, but hostnames can be hidden.

Now what would be the use of keeping original casing? There is nothing that requires it.

Cheers,
Henrik


Top
 Profile  
 
 Post subject:
PostPosted: 07 May 2006 00:20 
Yes, Via and Connection do not depend on each other. I expressed myself wrongly.

I'm aware that the Via-Header has to be set accordingly to the HTTP-RFC, but I don't want to let outsiders or even insiders
know that I'm using HAVP so that anyone can use this information to their advantage.

The case-change of the Connection-values may also lead to a detection of HAVP.

Bye,
John


Top
  
 
 Post subject:
PostPosted: 07 May 2006 09:24 
Offline
HAVP Developer

Joined: 27 Feb 2006 18:12
Posts: 687
Location: Finland
Anonymous wrote:
I'm aware that the Via-Header has to be set accordingly to the HTTP-RFC, but I don't want to let outsiders or even insiders
know that I'm using HAVP so that anyone can use this information to their advantage.

The case-change of the Connection-values may also lead to a detection of HAVP.


Isn't that a bit too paranoid.. what are you using for error pages? Do you fake viruses as Squid error page? Why don't you use Squid sandwich then, it should remove HAVP headers?

For your pleasure, I will lowercase Keep-Alive so it will be identical to Squid (you can easily change this yourself, grep Keep-Alive httphandler.cpp). There is nothing else you can do. Connection-header is sent between Client<->Proxy and Proxy<->Server, NOT Client->Proxy->Server.

Cheers,
Henrik


Top
 Profile  
 
 Post subject:
PostPosted: 07 May 2006 16:29 
hege wrote:
Isn't that a bit too paranoid.. what are you using for error pages? Do you fake viruses as Squid error page? Why don't you use Squid sandwich then, it should remove HAVP headers?


I know it is a little bit paranoid, but I made worse experiences which revealing too much information. The error pages of HAVP have been redesigned,
but no traces indicate HAVP. A Squid-sandwich just to remove the VIA-Header is overkill. I removed the corresponding line in the surce-code of HAVP,
but I'd wish to had this configureable.

hege wrote:
For your pleasure, I will lowercase Keep-Alive so it will be identical to Squid (you can easily change this yourself, grep Keep-Alive httphandler.cpp). There is nothing else you can do. Connection-header is sent between Client<->Proxy and Proxy<->Server, NOT Client->Proxy->Server.


I'm aware that a proxy must not re-transmit the connection-value, so that's goo now. However, the Via-header would be much more important.
Looking at the case of the connection-value is really paranoid :wink:

Bye,
John


Top
  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC + 2 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group