Re: Server Hacking

Roger Gonzalez writes:
 > Okay, you wise guys.  There's a crucial issue on the table:
 > I've gotten several connections with "User-agent" headers that contain
 > things like:
 >   User-agent: SomeGuyTyping/1234.1234 (ha ha)
 > and
 >   User-agent: TelnetHacker/1.1
 > As you can see, there is vast potential for screwing up vital client s/w
 > statistics-gathering.  We simply must standardize how we snoop each
 > other's servers.  :-)

You should not blindly trust (or even use automatically, or put back
in web 'stats' pages) any client-sent header, or you'll get bad
surprises...
I think that people using telnet should not put in any User-agent:
(OK, sometimes you must put in fake Mozillas, ... to get the page you want).
Then, for instance, I use "w3getv/0.1" for my simple w3getv that just
does a 'HEAD / HTTP/1.0', or "dlgeturl/2.4" when I use my geturl
version, and I imagine that everyone writing his minimal client throws
in his own header, which is not a bad thing as it allows you to know
somehow what 'tool' is used.... Of course people can joke/cheat, but
unless you get a digital signature of headers you cannot avoid it
{is that foreseen?}

dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|...  Freedom
Prime#1: cent cinq mille cent cinq milliards cent cinq mille cent soixante sept

terrorist cryptographic genetic Khaddafi security DST Croatian

Received on Monday, 16 October 1995 09:26:44 UTC
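
An added example, not part of the original message: one way a stats generator can tally User-agent values without trusting them, by reducing each value to a bounded product token and escaping it on output. The token pattern, the length cap, the bucket names and all function names are assumptions made for this sketch.

```python
import html
import re
from collections import Counter

# Assumed conservative shape: name/version, optionally followed by a comment.
TOKEN = re.compile(
    r"([A-Za-z0-9][A-Za-z0-9._-]{0,31}/[A-Za-z0-9][A-Za-z0-9._-]{0,15})(?: .*)?"
)
MAX_LEN = 256  # assumed cap; longer values are never parsed


def classify(raw):
    """Map an untrusted User-agent value to a bounded bucket name."""
    if raw is None or raw.strip() == "":
        return "(none)"
    if len(raw) > MAX_LEN or any(ord(c) < 32 or ord(c) == 127 for c in raw):
        return "(rejected)"  # oversized, or carries CR/LF or other controls
    m = TOKEN.fullmatch(raw.strip())
    return m.group(1) if m else "(unparseable)"


def tally(values):
    """Count buckets; the key space is bounded by the token pattern."""
    return Counter(classify(v) for v in values)


def render_rows(counts):
    """Emit HTML table rows, escaping even though buckets are restricted."""
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return "\n".join(
        "<tr><td>%s</td><td>%d</td></tr>" % (html.escape(name), n)
        for name, n in ordered
    )


# Constructed sample; the first four strings are the ones quoted in the thread.
SAMPLE = [
    "SomeGuyTyping/1234.1234 (ha ha)",
    "TelnetHacker/1.1",
    "w3getv/0.1",
    "dlgeturl/2.4",
    "dlgeturl/2.4",
    None,                          # client sent no User-agent at all
    "<b>bold</b>/1.0",             # markup aimed at the stats page
    "x/1\r\nSet-Cookie: a=b",      # line break aimed at the log or a header
    "A" * 5000,                    # oversized value
]

if __name__ == "__main__":
    print(render_rows(tally(SAMPLE)))
```

The counts still say nothing about whether a client is what it claims to be; the code only keeps a joke or hostile value from altering the page or the log that reports it.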