Mailing List Archive: Re: DoS with mod

Mailing List Archive: Apache: Dev
Re: DoS with mod_deflate & range requests

Index | Next | Previous | View Flat

fielding at gbiv

Aug 23, 2011, 6:34 PM

Views: 14615
Permalink

Re: DoS with mod_deflate & range requests [In reply to]

On Aug 23, 2011, at 2:34 PM, William A. Rowe Jr. wrote:

> On 8/23/2011 4:00 PM, Greg Ames wrote:
>>
>> On Tue, Aug 23, 2011 at 3:32 PM, William A. Rowe Jr. wrote:
>>
>> I suggest we should be parsing and reassembling the list before we
>> start the bucket logic.
>>
>> I propose we satisfy range requests in the only sensible manner, returning
>> the ranges in sequence,
>>
>> yeah, overlapping ranges should be merged up front. That ought to completely fix the issue.
>
> So the only remaining question; are we free to reorder them into sequence?

And the spec says ...

When a client requests multiple ranges in one request, the
server SHOULD return them in the order that they appeared in the
request.

My suggestion is to reject any request with overlapping ranges or more
than five ranges with a 416, and to send 200 for any request with 4-5
ranges. There is simply no need to support random access in HTTP.

....Roy

Subject	User	Time
DoS with mod_deflate & range requests	sf at sfritsch	Aug 23, 2011, 4:08 AM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 23, 2011, 5:11 AM
Re: DoS with mod_deflate & range requests	lazy404 at gmail	Aug 23, 2011, 5:15 AM
Re: DoS with mod_deflate & range requests	lazy404 at gmail	Aug 23, 2011, 6:56 AM
Re: DoS with mod_deflate & range requests	isoma at jellybaby	Aug 23, 2011, 7:00 AM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 23, 2011, 11:18 AM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 23, 2011, 11:49 AM
Re: DoS with mod_deflate & range requests	mohameddawaina at gmail	Aug 23, 2011, 11:52 AM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 23, 2011, 12:32 PM
Re: DoS with mod_deflate & range requests	ames.greg at gmail	Aug 23, 2011, 2:00 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 23, 2011, 2:34 PM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 23, 2011, 3:28 PM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 24, 2011, 1:05 AM
Re: DoS with mod_deflate & range requests	fielding at gbiv	Aug 23, 2011, 6:34 PM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 23, 2011, 11:38 PM
Re: DoS with mod_deflate & range requests	isoma at jellybaby	Aug 24, 2011, 8:35 AM
Re: DoS with mod_deflate & range requests	Dirk-Willem.van.Gulik at bbc	Aug 24, 2011, 8:46 AM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 24, 2011, 8:55 AM
Re: DoS with mod_deflate & range requests	fielding at gbiv	Aug 24, 2011, 1:56 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 2:12 PM
Re: DoS with mod_deflate & range requests	fielding at gbiv	Aug 24, 2011, 2:54 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 4:39 PM
Re: DoS with mod_deflate & range requests	fielding at gbiv	Aug 24, 2011, 4:43 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 4:50 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 6:01 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 5:59 PM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 24, 2011, 11:21 PM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 24, 2011, 11:56 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 8:41 AM
Re: DoS with mod_deflate & range requests	h.reindl at thelounge	Aug 23, 2011, 3:12 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 8:48 AM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 24, 2011, 9:02 AM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 9:01 AM
RE: DoS with mod_deflate & range requests	ruediger.pluem at vodafone	Aug 24, 2011, 9:05 AM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 9:22 AM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 9:42 AM
Re: DoS with mod_deflate & range requests	ames.greg at gmail	Aug 24, 2011, 12:10 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 12:34 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 1:12 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 2:01 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 9:33 AM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 24, 2011, 9:47 AM
Re: DoS with mod_deflate & range requests	isoma at jellybaby	Aug 24, 2011, 11:43 AM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 12:13 PM
Re: DoS with mod_deflate & range requests	isoma at jellybaby	Aug 24, 2011, 1:37 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 12:19 PM
Re: DoS with mod_deflate & range requests	ames.greg at gmail	Aug 24, 2011, 1:39 PM
Re: DoS with mod_deflate & range requests	dirkx at webweaving	Aug 24, 2011, 1:45 PM
Re: DoS with mod_deflate & range requests	fielding at gbiv	Aug 24, 2011, 1:58 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 2:00 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 2:08 PM
Re: DoS with mod_deflate & range requests	sf at sfritsch	Aug 24, 2011, 2:04 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 24, 2011, 2:06 PM
Re: DoS with mod_deflate & range requests	wrowe at rowe-clan	Aug 24, 2011, 2:19 PM
Re: DoS with mod_deflate & range requests	ames.greg at gmail	Aug 24, 2011, 2:32 PM
Re: DoS with mod_deflate & range requests	jim at jaguNET	Aug 25, 2011, 4:41 AM

Index | Next | Previous | View Flat

Interested in having your list archived? Contact Gossamer Threads