HTTP Anti-Virus Proxy
http://havp.hege.li/forum/

HAVP should not modify HTTP-Headers
http://havp.hege.li/forum/viewtopic.php?f=4&t=84		 Page 1 of 1
Author:  Guest [ 06 May 2006 19:05 ]
Post subject:  HAVP should not modify HTTP-Headers
HAVP is modifying HTTP-Headers, which should be at least configureable for those who do not want this.

HAVP always sets "Via: 1.0 HAVP" and additionally if those header-values
appear it sets "Connection: close" or "Connection: Keep-Alive" where it
doesn't take care of upper and lower case of the original header values.

Bye,
John
Author:  hege [ 06 May 2006 22:13 ]
Post subject:  Re: HAVP should not modify HTTP-Headers
Anonymous wrote:
HAVP is modifying HTTP-Headers, which should be at least configureable for those who do not want this.

HAVP always sets "Via: 1.0 HAVP" and additionally if those header-values
appear it sets "Connection: close" or "Connection: Keep-Alive" where it
doesn't take care of upper and lower case of the original header values.


Via-header has nothing to do with Connection-header. But sure, next version shall have atleast configurable Via and X-Forward-For. Via is required in any case, but hostnames can be hidden.

Now what would be the use of keeping original casing? There is nothing that requires it.

Cheers,
Henrik
Author:  Guest [ 07 May 2006 00:20 ]
Post subject: 
Yes, Via and Connection do not depend on each other. I expressed myself wrongly.

I'm aware that the Via-Header has to be set accordingly to the HTTP-RFC, but I don't want to let outsiders or even insiders
know that I'm using HAVP so that anyone can use this information to their advantage.

The case-change of the Connection-values may also lead to a detection of HAVP.

Bye,
John
Author:  hege [ 07 May 2006 09:24 ]
Post subject: 
Anonymous wrote:
I'm aware that the Via-Header has to be set accordingly to the HTTP-RFC, but I don't want to let outsiders or even insiders
know that I'm using HAVP so that anyone can use this information to their advantage.

The case-change of the Connection-values may also lead to a detection of HAVP.


Isn't that a bit too paranoid.. what are you using for error pages? Do you fake viruses as Squid error page? Why don't you use Squid sandwich then, it should remove HAVP headers?

For your pleasure, I will lowercase Keep-Alive so it will be identical to Squid (you can easily change this yourself, grep Keep-Alive httphandler.cpp). There is nothing else you can do. Connection-header is sent between Client<->Proxy and Proxy<->Server, NOT Client->Proxy->Server.

Cheers,
Henrik
Author:  Guest [ 07 May 2006 16:29 ]
Post subject: 
hege wrote:
Isn't that a bit too paranoid.. what are you using for error pages? Do you fake viruses as Squid error page? Why don't you use Squid sandwich then, it should remove HAVP headers?


I know it is a little bit paranoid, but I made worse experiences which revealing too much information. The error pages of HAVP have been redesigned,
but no traces indicate HAVP. A Squid-sandwich just to remove the VIA-Header is overkill. I removed the corresponding line in the surce-code of HAVP,
but I'd wish to had this configureable.

hege wrote:
For your pleasure, I will lowercase Keep-Alive so it will be identical to Squid (you can easily change this yourself, grep Keep-Alive httphandler.cpp). There is nothing else you can do. Connection-header is sent between Client<->Proxy and Proxy<->Server, NOT Client->Proxy->Server.


I'm aware that a proxy must not re-transmit the connection-value, so that's goo now. However, the Via-header would be much more important.
Looking at the case of the connection-value is really paranoid :wink:

Bye,
John
Page 1 of 1 All times are UTC + 2 hours [ DST ]
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/