IETF Logo Mail Archive

Re: [hybi] #4: handshake does not work properly with HTTP reverse proxy.

Jamie Lokier <jamie@shareable.org> Wed, 21 July 2010 22:22 UTC

Return-Path: <jamie@shareable.org>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28D793A6899 for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 15:22:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.289
X-Spam-Level:
X-Spam-Status: No, score=-2.289 tagged_above=-999 required=5 tests=[AWL=0.310, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rz-mRJpfKPHD for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 15:22:00 -0700 (PDT)
Received: from mail2.shareable.org (mail2.shareable.org [80.68.89.115]) by core3.amsl.com (Postfix) with ESMTP id 52AFB3A67D9 for <hybi@ietf.org>; Wed, 21 Jul 2010 15:22:00 -0700 (PDT)
Received: from jamie by mail2.shareable.org with local (Exim 4.63) (envelope-from <jamie@shareable.org>) id 1Obhg2-0000Vs-6f; Wed, 21 Jul 2010 23:22:10 +0100
Date: Wed, 21 Jul 2010 23:22:10 +0100
From: Jamie Lokier <jamie@shareable.org>
To: Willy Tarreau <w@1wt.eu>
Message-ID: <20100721222210.GA14589@shareable.org>
References: <068.da8db0c773647cb0ed73d576f39e93ee@tools.ietf.org> <20100717023749.GA2426@shareable.org> <AANLkTil36SNqlpqq2zNMVSgsA_27kqnuioi0qFTKQR1m@mail.gmail.com> <20100720044352.GE14242@1wt.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20100720044352.GE14242@1wt.eu>
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: hybi@ietf.org, hybi issue tracker <trac@tools.ietf.org>
Subject: Re: [hybi] #4: handshake does not work properly with HTTP reverse proxy.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jul 2010 22:22:01 -0000

Willy Tarreau wrote:
> Also, I would really insist that we add a "Connection: close" in the
> initial HTTP handshake, whatever it looks like in the end, so that we
> protect the servers against any form of request injection after the
> first one.

I agree, that's good advice.

-- Jamie

v2.23.0 | Report a Bug | By Email