- From: Rob Polansky <polansky@raptor.com>
- Date: Tue, 2 Jun 1998 09:05:32 -0400
- To: "David W. Morris" <dwm@xpasc.com>
- Cc: http-wg <http-wg@cuckoo.hpl.hp.com>, ipp@pwg.org
I know of at least one :-) firewall that not only rejects unknown methods but also examines the HTTP request method as part of its "algorithm". From a protocol and security perspective, it appears to be the right thing to do. If you don't understand the method, how can you properly proxy it? Take the CONNECT method as an example. In summary, any proxy that is more than a simple packet passer (supports CONNECT, protocol conversion, proxy authentication, etc.) runs the risk of failing to pass IPP if it uses a new scheme and/or a new method. Not that that's a bad thing... :-) -Rob Polansky > -----Original Message----- > From: David W. Morris [mailto:dwm@xpasc.com] > Sent: Monday, June 01, 1998 10:34 PM > To: Carl-Uno Manros > Cc: http-wg@cuckoo.hpl.hp.com; ipp@pwg.org; http-wg@hplb.hpl.hp.com > Subject: Re: Implications of introducing new scheme and port for > existing HTTP servers > > (I'm also not wild about new HTTP methods as I know of existing proxies > which will reject unknown methods. Don't know of any which will accept > unknown methods. I'm also unaware of any firewall software which examines > the HTTP request method as part of its algorithm but then I'm not a > firewall expert.) >
Received on Tuesday, 2 June 1998 06:09:07 UTC