Hi, Lieven, Von: lieven.govae...@gmail.com [mailto:lieven.govae...@gmail.com] Im > On Thu, Nov 8, 2012 at 12:02 PM, Markus Schaber <m.scha...@codesys.com> > wrote: > > Von: lieven.govae...@gmail.com > > [....] > >> 5. In one of Philip error-reporting mails, there was mention of a > >> "408 Request Time-out" response. > >> (http://svn.haxx.se/dev/archive-2012-11/0076.shtml). > >> No idea if the server sends this response because one of the above > >> issues, or if this has a different root caus. What I do know is that > >> serf does not expect this response as it's not related to an > >> outstanding request. In that case, serf will return and APR_GENERAL error. > >> > >> I think 3+4+5 are relatively easy to solve, but probably difficult to > >> reproduce to validate the implemented solutions. > >> 1a and 2 require more analysis, I'll try to focus on these two. > > > > I think 5 might be testable with a special version of mod_dontdothat > which injects that error code, maybe conditionally or randomly. > > I've found a way to trigger the issue with some modifications to serf, see > the new email thread: > http://svn.haxx.se/dev/archive-2012-11/0238.shtml
I'm happy to hear that. Another possibility we could keep in mind for future incidents might be a special http proxy for fault injection. http://spareclockcycles.org/2010/06/10/sergio-proxy-released/ http://extradata.com/products/FaultFactory/ https://www.owasp.org/index.php/Category%3aOWASP_WebScarab_Project Best regards Markus Schaber CODESYS(r) a trademark of 3S-Smart Software Solutions GmbH Inspiring Automation Solutions 3S-Smart Software Solutions GmbH Dipl.-Inf. Markus Schaber | Product Development Core Technology Memminger Str. 151 | 87439 Kempten | Germany Tel. +49-831-54031-979 | Fax +49-831-54031-50 E-Mail: m.scha...@codesys.com | Web: http://www.codesys.com CODESYS internet forum: http://forum.codesys.com Managing Directors: Dipl.Inf. Dieter Hess, Dipl.Inf. Manfred Werner | Trade register: Kempten HRB 6186 | Tax ID No.: DE 167014915
