Re: NEW ISSUE: Drop Content-Location from Henrik Nordstrom on 2006-11-29 (ietf-http-wg@w3.org from October to December 2006)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Wed, 29 Nov 2006 23:51:43 +0100
To: Julian Reschke <julian.reschke@gmx.de>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1164840703.15658.62.camel@henriknordstrom.net>

ons 2006-11-29 klockan 23:30 +0100 skrev Julian Reschke:

> It's late, any I may not have seen all the cases of breakage, but most 
> of them seem to involve private IPs and bogus port numbers. Both 
> problems will not occur when an absolute path is used.

Having worked with setups creating this problem all in all it's possible
variants. Here follows a breakdown of what is causing bogus
[Content-]Location headers:

Bad host name: Server configured with a bad server name and not
reflecting the Host header back in generated URLs.

Bad port: Some device in front of the server remaps the request port
(i.e. NAT) without the server being aware or capable of handling the
situation.

Bad absolute path, bad protocol, or any of the above: A reverse proxy
remapping requests in the URL-namespace without properly undoing the
mappings in returned [Content-]Location headers.

Regards
Henrik

Received on Wednesday, 29 November 2006 22:51:53 UTC