tor 2007-03-08 klockan 00:39 -0500 skrev rincon naidu:
> Facing difficulties while testing HTTP response splitting with old
> version of squid. Currently I am running squid on linux and apache is
> the
> webserver. Could you please give some hints/steps to test HTTP response
> splitting with HTML URLs.
>
> Greatly appreciated if you give some inputs.
What do you mean by response splitting? Multiple clients getting the
same resonse?
If so then the server must have sent all the HTTP headers, and the
response must be cached. Once these conditions have been fulfilled
additional clients will join the same request as hits while it is still
being fetched.
With Squid-2.6 Squid can be told to do the above optimistically,
delaying new clients until the HTTP headers are available. See the
collapsed_forwarding directive. But bevare of Vary bugs in early 2.6
releases.. (was fixed in 2.6.STABLE5).
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sat Mar 31 2007 - 13:00:01 MDT