Le Ven 15 novembre 2013 07:47, Willy Tarreau a écrit : > The CONNECT method is used to open tunnels through proxies and all proxy > users who browse in HTTPS use it. Which makes it a security nightmare, since its allows tunneling any protocol without control and there are products on the market that advertise the ability of using connect to bypass any firewall rule. Thus I resent pretending that connect makes http reliable since it main point today seems to be to tunnel random non-http junk through security equipments. (and I know any encrypted payload by nature can not be controlled but there is a difference between accepting encrypted bodies inside http frames with http signalling and tunnelling whole protocols pretty much unchanged) -- Nicolas MailhotReceived on Friday, 15 November 2013 07:07:51 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:38 UTC