varnish-bugs at varnish-cache
Sep 6, 2011, 12:53 AM
Post #2 of 2
(142 views)
Permalink
|
|
Re: #1009: Varnish allows invalid headers
[In reply to]
|
|
#1009: Varnish allows invalid headers
-------------------------+--------------------------------------------------
Reporter: scoof | Type: defect
Status: closed | Priority: low
Milestone: | Component: varnishd
Version: trunk | Severity: normal
Resolution: worksforme | Keywords:
-------------------------+--------------------------------------------------
Changes (by phk):
* status: new => closed
* resolution: => worksforme
Comment:
The reason why we do not do this, is that Varnish does not text-process
all headers, only the ones it needs to use.
RFC2616 says
{{{
10.4.1 400 Bad Request
The request could not be understood by the server due to malformed
syntax. The client SHOULD NOT repeat the request without
modifications.
}}}
If an HTTP request contains a dskfjsldkfslkfjsdl line, Varnish is still
perfectly able to understand it, it just ignores that line.
If you want to have Varnish be anal retentive about HTTP request, the way
to do it, is to write a VMOD::strict.
The bug in this case is in varnishncsa (as per ticket #1006).
--
Ticket URL: <http://www.varnish-cache.org/trac/ticket/1009#comment:1>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator
_______________________________________________
varnish-bugs mailing list
varnish-bugs [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs
|
