- From: Amos Jeffries <squid3@treenet.co.nz>
- Date: Tue, 8 Sep 2015 14:02:36 +1200
- To: ietf-http-wg@w3.org
On 8/09/2015 11:18 a.m., Adrien de Croy wrote: > > This issue keeps cropping up in support. > > I understand what the browser vendors stated position is, although I > believe with a little more imagination and effort there would be a way > to display the proxy block page in a way that didn't confuse users. But > putting that argument aside, there is another safe (IMO) option for > dealing with proxies blocking CONNECT requests. > > Use (e.g. don't ignore) the response status code. > > It's one thing to ignore the response message body on a 403 because it > may have come from an active network attacker. > > It's another thing to ignore the status code (the 403 itself). That's a > text-book example of throwing babies with bath water. Even supporting a 511 would be good. Amos
Received on Tuesday, 8 September 2015 02:03:38 UTC