W3C home > Mailing lists > Public > www-jigsaw@w3.org > January to February 2003

Proxy-Authorization forwarded, as of jigsaw 2.2.2

From: Thomas Kriegelstein <tk4@mail.inf.tu-dresden.de>
Date: Thu, 20 Feb 2003 03:52:52 -0500 (EST)
To: www-jigsaw@w3.org
Message-Id: <200302200952.39115.tk4@mail.inf.tu-dresden.de>




Hi,

org/w3c/jigsaw/proxy/ForwardFrame.java (jigsaw 2.2.2) Line 246 sets the
Proxy-Authenticate header to null. This header is not supposed to be send by a 
client or upstream-proxy. This is not the bug but a copy & paste mistake from 
dupReply.

The bug is:
According to RFC 2616 section 13.5.1:
The Proxy-Authorization header is also a hop-by-hop header. So it should be 
set to null.
Recommended fix: Replace the H_PROXY_AUTHENTICATE in line 246 with
H_PROXY_AUTHORIZATION.

Another possibility:
Set all hop-by-hop headers in dupReply and dupRequest to null.
Without distinction between reply and request messages.

Without this fix a downstream webserver learns how to authenticate with the 
proxy!

Ciaou,
  Thomas
Received on Sunday, 23 February 2003 06:10:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 9 April 2012 12:13:36 GMT