Re: gzip compression and httpd/relayd
* Stuart Henderson le [29-01-2018 08:14:03 +]: > On 2018-01-28, Thuban wrote: > > > >> Yes it's possible. Make sure to set the appriopriate HTTP headers aswell > >> with relayd: read "Accept-Encoding" and if it's acceptable set > >> "Content-Encoding". > > > > Indeed, it works. > > > > relayd.conf : > > > > match response header "Accept-Encoding" value "gzip" > > match response header set "Content-Encoding" value "gzip" > > > > Then : > > > > cd /var/www/htdocs/site > > gzip style.css && mv style.css.gz style.css > > > > Now, open URL pointing to style.css, and here you go. > > > > However, all your files must be gzipped, or the browser is unhappy. > > > > Thanks a lot. > > > > > > Fun hack, but it's going to break for a browser that doesn't support gzip. > Also it's a nice trap for the next admin that comes along (which may be your > future self :) The fun part comes when you trap script kiddies with gzip bomb: - Create a bomb : `dd if=/dev/zero bs=1M count=10240 | gzip > surprise.html` (yeah, this is not html, but bots don't care) - In html code, put something like Do NOT follow this link or you will have problems! - In relayd.conf : match request header "Accept-Encoding" value "gzip" match request path "/surprise.html" match response header set "Content-Encoding" value "gzip" A bot fetching "surprise.html" will see CPU usage increasing, too bad... Regards. signature.asc Description: PGP signature
Re: gzip compression and httpd/relayd
On 2018-01-28, Thuban wrote: > >> Yes it's possible. Make sure to set the appriopriate HTTP headers aswell >> with relayd: read "Accept-Encoding" and if it's acceptable set >> "Content-Encoding". > > Indeed, it works. > > relayd.conf : > > match response header "Accept-Encoding" value "gzip" > match response header set "Content-Encoding" value "gzip" > > Then : > > cd /var/www/htdocs/site > gzip style.css && mv style.css.gz style.css > > Now, open URL pointing to style.css, and here you go. > > However, all your files must be gzipped, or the browser is unhappy. > > Thanks a lot. > > Fun hack, but it's going to break for a browser that doesn't support gzip. Also it's a nice trap for the next admin that comes along (which may be your future self :)
Re: gzip compression and httpd/relayd
Am Sun, 28 Jan 2018 10:18:30 +0100 schrieb Thuban : > > > Yes it's possible. Make sure to set the appriopriate HTTP headers > > aswell with relayd: read "Accept-Encoding" and if it's acceptable > > set "Content-Encoding". > > Indeed, it works. > > relayd.conf : > > match response header "Accept-Encoding" value "gzip" > match response header set "Content-Encoding" value "gzip" > > Then : > > cd /var/www/htdocs/site > gzip style.css && mv style.css.gz style.css > > Now, open URL pointing to style.css, and here you go. > > However, all your files must be gzipped, or the browser is unhappy. > > Thanks a lot. > Interesting... Thank you
Re: gzip compression and httpd/relayd
On Sun, Jan 28, 2018 at 10:18:30AM +0100, Thuban wrote: > > > Yes it's possible. Make sure to set the appriopriate HTTP headers aswell > > with relayd: read "Accept-Encoding" and if it's acceptable set > > "Content-Encoding". > > Indeed, it works. > > relayd.conf : > > match response header "Accept-Encoding" value "gzip" This should be: match request header "Accept-Encoding" value "*gzip*" I think. It should only output gzip if it's an accepted encoding, else some clients break. > match response header set "Content-Encoding" value "gzip" > > Then : > > cd /var/www/htdocs/site > gzip style.css && mv style.css.gz style.css > > Now, open URL pointing to style.css, and here you go. > > However, all your files must be gzipped, or the browser is unhappy. > > Thanks a lot. > You're welcome :) -- Kind regards, Hiltjo
Re: gzip compression and httpd/relayd
> Yes it's possible. Make sure to set the appriopriate HTTP headers aswell > with relayd: read "Accept-Encoding" and if it's acceptable set > "Content-Encoding". Indeed, it works. relayd.conf : match response header "Accept-Encoding" value "gzip" match response header set "Content-Encoding" value "gzip" Then : cd /var/www/htdocs/site gzip style.css && mv style.css.gz style.css Now, open URL pointing to style.css, and here you go. However, all your files must be gzipped, or the browser is unhappy. Thanks a lot.
Re: gzip compression and httpd/relayd
Am Sat, 27 Jan 2018 09:56:48 +0100 schrieb Thuban : > Thank you for all answers, very interesting. > I'll try to compress some files on my own, we'll see. > > Regards Please give feedback here after you tried it.
Re: gzip compression and httpd/relayd
Thank you for all answers, very interesting. I'll try to compress some files on my own, we'll see. Regards -- thuban signature.asc Description: PGP signature
Re: gzip compression and httpd/relayd
On 2018-01-25, Thuban wrote: > I'm very happy with relayd + httpd. > Relayd deals with headers and httpd serve files. > > I know httpd doesn't have gzip compression. > > 1. Do you know if it's planned in the future? https://github.com/reyk/httpd/issues/21
Re: gzip compression and httpd/relayd
On Thu, Jan 25, 2018 at 09:37:06PM +0100, Michael Hekeler wrote: > Am Thu, 25 Jan 2018 19:47:09 +0100 > schrieb Thuban : > > > I'm very happy with relayd + httpd. > > Relayd deals with headers and httpd serve files. > > > > I know httpd doesn't have gzip compression. > > > > 1. Do you know if it's planned in the future? > > 2. Does anyone has a workaround to advise? > > > > regards > > > > to 1. > https://marc.info/?l=openbsd-misc&m=142407262812306&w=2 > > Hi, In some servers there were some security issues with compression like: https://en.wikipedia.org/wiki/BREACH I don't know if thats the reason httpd doesn't have it though. > to 2. > I never tested it myself, but ,maybe you can compress the files before > you place them in htdocs!? > Yes it's possible. Make sure to set the appriopriate HTTP headers aswell with relayd: read "Accept-Encoding" and if it's acceptable set "Content-Encoding". > ...or use ngingx reverse-proxy? > -- Kind regards, Hiltjo
Re: gzip compression and httpd/relayd
Am Thu, 25 Jan 2018 19:47:09 +0100 schrieb Thuban : > I'm very happy with relayd + httpd. > Relayd deals with headers and httpd serve files. > > I know httpd doesn't have gzip compression. > > 1. Do you know if it's planned in the future? > 2. Does anyone has a workaround to advise? > > regards > to 1. https://marc.info/?l=openbsd-misc&m=142407262812306&w=2 to 2. I never tested it myself, but ,maybe you can compress the files before you place them in htdocs!? ...or use ngingx reverse-proxy?
