On 26.7.2012 10:15, Sander Klein wrote:
So I definitely think Internet Explorer is doing it wrong. It relies on
the fact that most web servers will encode the URL for them, which most
actually do....
If you really want to accept the 'bad' URLs then you might enable
'option accept-invalid-http-request' but I strongly recommend to not
enable this in a production environment.
I did a bit of ngrep-ing yesterday as well, and we are indeed seeing
non-ASCII encoded characters flowing in URLs and Referrers, from MSIE
clients. We'll see how we handle those on our actual backends (without
HAproxy forwarding the traffic), and then decide on what the next step
would be.
Thanks for the input so far.
br, Stojan
