Assuming that query params get put into the compressor, splitting the path off means that an attacker gets to test against all of those query-parts with a query and *any* path. This would be a big change in terms of security properties. -=R On Mon, Jul 21, 2014 at 12:04 AM, Willy Tarreau <w@1wt.eu> wrote: > On Sun, Jul 20, 2014 at 11:51:37PM -0700, Roberto Peon wrote: > > Don't get me wrong-- I think it'd be mostly fine. > > I also think, however, that this is a piece of information which is > likely > > to contain sensitive information, and as a result, if we want to do > > something different than we do now, we should get it reviewed. > > > > One simple example of how this makes stuff easier-- Since the path and > > query are separated, an attack that attacks the local state by acting as > a > > malicious mitm of TCP packets may perform more attacks before the TCP > recv > > window runs out. > > > > Do I think that is a particularly strong weakness? No. However, it still > > needs review. > > OK so I think we're in line then. Sure it needs to be reviewed, and I'm > not worried either (I guess whatever can be found on it will also affect > current state of the spec). > > Willy > >Received on Monday, 21 July 2014 07:14:46 UTC
This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC