Re: FYI... Binary Optimized Header Encoding for SPDY

In message <>, Amos Jeffries writes:

>Only if you try to cache along the assumed filesystem hierarchy implicit 
>in URLs. Using the absolute URL as an opaque hash key (as Squid does) 
>instead of reading any meaning in its syntax avoids all these issues 

But opens you up to DoS attacks along the lines of:

	GET /%41BCDEF.html
	GET /A%42CDEF.html

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Sunday, 5 August 2012 12:32:25 UTC