Both of these are non-standard headers created by microsoft.
These are both weird ones. We seem to need them, but only because they
need to be stripped away in certain circumstances.
The Translate: header is the trickiest. After reading the docs it
appears we should be always stripping it away for security. It's entire
purpose is to perform code disclosure 'attacks' on targeted dynamic
sites. With perhapse a fast-ACL to allow admins to use it and control
the requests using it when they really need to.
Pending any objections I'll add as registered headers in 3.0 and the
above handling for Translate in 3.1.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15 Current Beta Squid 3.1.0.7Received on Mon May 18 2009 - 11:05:40 MDT
This archive was generated by hypermail 2.2.0 : Mon May 18 2009 - 12:00:02 MDT