IETF Logo Mail Archive

Re: [hybi] #1: HTTP Compliance

Willy Tarreau <w@1wt.eu> Wed, 21 July 2010 14:34 UTC

Return-Path: <w@1wt.eu>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E9F2D3A67EB for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 07:34:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.766
X-Spam-Level:
X-Spam-Status: No, score=-3.766 tagged_above=-999 required=5 tests=[AWL=-1.723, BAYES_00=-2.599, HELO_IS_SMALL6=0.556]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qqdZyYjsecyE for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 07:34:39 -0700 (PDT)
Received: from 1wt.eu (1wt.eu [62.212.114.60]) by core3.amsl.com (Postfix) with ESMTP id DE1743A687A for <hybi@ietf.org>; Wed, 21 Jul 2010 07:34:36 -0700 (PDT)
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id o6LEYiEh002626; Wed, 21 Jul 2010 16:34:44 +0200
Date: Wed, 21 Jul 2010 16:34:44 +0200
From: Willy Tarreau <w@1wt.eu>
To: John Tamplin <jat@google.com>
Message-ID: <20100721143444.GA2598@1wt.eu>
References: <068.d07026741c6694cd80652d2a7d34f236@tools.ietf.org> <4BF106AD.6020506@webtide.com> <A42E692A-7210-4FF1-AB4F-CFB3E8C38756@apple.com> <AANLkTinorjXFsTH=TvhhF-+e3Eyen8EA2qL7wFCmqpYe@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AANLkTinorjXFsTH=TvhhF-+e3Eyen8EA2qL7wFCmqpYe@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] #1: HTTP Compliance
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jul 2010 14:34:40 -0000

On Wed, Jul 21, 2010 at 10:15:42AM -0400, John Tamplin wrote:
> > I don't think anyone has indicated a practical problem caused by the extra
> > bytes.
> >
> 
> I believe we have already had a real-world practical case where they did
> cause a problem:
> 
>    - client sends WebSocket request that goes through a proxy, random bytes
>    are not advertised in the Content-length
>    - proxy doesn't know WebSocket, passes along connection to real server
>    which does implement WebSocket
>    - server waits reading random bytes which were not forwarded
>    - server drops the connection after a timeout

Confirmed. And it will fail with any HTTP reverse-proxy. And if you manage
to make an HTTP reverse-proxy work with the current scheme, then this
rev-proxy can be tricked by the client into sending uncontrolled requests
to the server (by just setting the "Upgrade" option that the server will
ignore).

> Thus the random bytes did succeed in preventing a WebSocket connection
> across a non-WS compliant proxy, but:
> 
>    1. the proxy was actually capable of forwarding the connection if the
>    server had completed the request
>    2. we had to wait for a timeout, so this was not a fast-fail situation
>    3. the same thing could have been more easily accomplished by having a WS
>    control frame exchanged at startup with similar results without
>    non-compliant random bytes on the wire

And it would have worked without requiring any change to deployed components.

Regards,
Willy

v2.23.0 | Report a Bug | By Email