- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 05 Feb 2021 07:39:35 +0000
- To: "Adrien de Croy" <adrien@qbik.com>
- cc: "Greg Wilkins" <gregw@webtide.com>, "Stefan Eissing" <stefan.eissing@greenbytes.de>, "Willy Tarreau" <w@1wt.eu>, "Ryan Sleevi" <ryan-ietf@sleevi.com>, "Martin Thomson" <mt@lowentropy.net>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
-------- Adrien de Croy writes: > not in my experience. Good for you! But it is the number #1 thing on peoples wishlist whenever they ask about trailers in Varnish Cache. > What sort of metadata is it envisioned would require waiting until the > end of transmission to set and be based on the entire content? Cache-Control, Set-Cookies, and the multitude of private headers people use for CDN and walled-garden applications. > We've had > discussions in the past about clients sniffing response message bodies > and it was decided it was a bad thing for security reasons, but I think > everyone still does it or the internet breaks. Which is *precisely* why I propose we give the server the option to XOR scramble the body until the metadata is ready. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Friday, 5 February 2021 07:39:54 UTC