Re: Rechartering HTTPbis

From: Adrien de Croy <adrien@qbik.com>
Date: Fri, 27 Jan 2012 01:14:11 +1300
Message-ID: <4F214393.9060003@qbik.com>
To: Willy Tarreau <w@1wt.eu>
CC: Poul-Henning Kamp <phk@phk.freebsd.dk>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org

Re signalling an abort.

It's actually a very common requirement when drip-feeding data to a 
client whilst it's being scanned.

I go back to scanning for malware at a gateway.  Sometimes it seems I 
(and my customers) are the only ones interested in this application????

1. It's a requirement to collect an entire entity in order to scan it.
2. It's a requirement to prevent agents and humans from timing out.

Therefore it's a necessity to send something to the client, potentially 
long before you have the entire entity.  My proposal for progress 
notifications was intended to address exactly this issue.  It's safer to 
send status updates than it is to send actual unscanned entity data.  
However, in the absence of support for update notifications (e.g. with 
103 status or similar), then you have to send unscanned data.

This is an enormous hideous gaping security hole, and browser vendors 
make it worse by their behaviour (or lack thereof) when a transfer is 
aborted (by closing, currently our only option).  In short they do 
nothing, and let you execute the unscanned file.

So, if you're sending chunked to a client, and you decide you need to 
abort the connection, we need a way to signal to the client that it 
should discard what it has received.

Unless all browser vendors (except Opera at last check) change their 
behaviour to warn of an aborted transfer (for what reason they have no 
clue) then it's an ongoing problem.  But even then they are still 
guessing as to why it was aborted.  Was it a network timeout, someone 
tripped over an ethernet cable etc etc?  In the absence of real 
information, a client is probably just going to retry to get the rest.

Why make clients guess when we can make it deterministic?  A simple 
final status code on the final chunk could signal that the transfer was 
aborted, and give a decent reason along with it to drum it into the 
client that they really should discard the entity and not just try to 
fetch the rest of it.

Adrien


-- 
Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Thursday, 26 January 2012 12:14:39 GMT
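
An added example, not part of the original message: a minimal Python decoder for HTTP/1.1 chunked bodies that returns the entity only when the terminating zero-length chunk arrived, and discards everything when the connection was closed early, which the message says is currently the only abort signal. The function names and sample byte strings are constructed for illustration.

```python
import io

HEX = b"0123456789abcdefABCDEF"

class IncompleteTransfer(Exception):
    """Body ended before the zero-length last chunk was received."""

def read_chunked(stream):
    """Decode a chunked body; return it only if the last chunk was seen."""
    body = bytearray()
    while True:
        size_line = stream.readline()
        if not size_line.endswith(b"\r\n"):
            raise IncompleteTransfer("closed before next chunk-size line")
        field = size_line.split(b";", 1)[0].strip()  # drop chunk extensions
        if not field or any(c not in HEX for c in field):
            raise IncompleteTransfer("malformed chunk size")
        size = int(field, 16)
        if size == 0:
            # Last chunk: skip optional trailer fields up to the blank line.
            while True:
                line = stream.readline()
                if line == b"\r\n":
                    return bytes(body)
                if not line.endswith(b"\r\n"):
                    raise IncompleteTransfer("closed inside trailer section")
        data = stream.read(size)
        if len(data) != size or stream.read(2) != b"\r\n":
            raise IncompleteTransfer("closed inside chunk data")
        body += data

def receive_entity(raw):
    """Return the entity, or None when the partial data must be discarded."""
    try:
        return read_chunked(io.BytesIO(raw))
    except IncompleteTransfer:
        return None  # never hand a truncated entity to the user

# Constructed sample bodies (not captured traffic).
COMPLETE = b"5\r\nhello\r\n6\r\n world\r\n0\r\n\r\n"
CUT_MID_CHUNK = b"5\r\nhello\r\n6\r\n wor"
CUT_AT_BOUNDARY = b"5\r\nhello\r\n"  # clean-looking close, but no last chunk

if __name__ == "__main__":
    for name, raw in [("complete", COMPLETE), ("mid-chunk", CUT_MID_CHUNK),
                      ("boundary", CUT_AT_BOUNDARY)]:
        print(name, receive_entity(raw))
```

Detecting the missing last chunk tells the client that the body is incomplete but not why, which is the gap the proposed final status code is meant to fill.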