On Sat, 2005-03-05 at 00:15 +0100, Henrik Nordstrom wrote: > On Sat, 5 Mar 2005, Andrew Bartlett wrote: > > > Should squid filter such responses, and turn them back into a generic > > protocol error? In the same way that my scripts were not expecting > > these status codes, I wonder if squid should protect clients by ensuring > > that the HTTP status code is in the range normally acceptable? Or is > > this a can of worms you would rather not open :-) > > I am not aware of any security issues related to this, and it isn't Squids > job to act as a secure firewall imho.
That's a position I can respect. However, it just seems a little at odds with the restrictions on WebDAV (where we have to list all the HTTP methods we want to cross the proxy). Does the odd response code not cause Squid problems internally, like what 'box' to put the response in (cache-able, not cache-able, etc)? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part