On Thu, 10 Feb 2005, Ralf Hildebrandt wrote:
> 2005/02/10 10:09:48| ctx: enter level 0: 'http://de.sitestat.com/qvc/qvc/s?tvprogramm.kalender&ns__t=1108026476843'
> 2005/02/10 10:09:48| WARNING: found whitespace in HTTP header name {Cache Control: no-cache}
> 2005/02/10 10:09:48| ctx: exit level 0
This is expected with the current patches. Lots of malfunctioning web
servers out there, and the upcoming Squid-2.5.STABLE8 release will notice
some of them..
> As well as this kind of message:
> 2005/02/10 10:09:26| WARNING: unparseable HTTP header field near {GET
> /webworkflow/zwf/application/BookingNew/class.class HTTP/1.1
> cookie: ASPSESSIONIDQCRAAQSD=BCPPFJOAKIKFICNBOBECDCDF
> User-Agent: Mozilla/4.0 (Windows 2000 5.0) Java/1.4.2_06
> Host: intranet.medipart.com
> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
> Connection: keep-alive
> }
This is just before the one below, right? Looks like the same error, just
in two different forms.
> 2005/02/10 10:09:26| Failed to parse request headers: intranet.medipart.com:443
> CONNECT intranet.medipart.com:443 HTTP/1.1
> GET /webworkflow/zwf/application/BookingNew/class.class HTTP/1.1
> cookie: ASPSESSIONIDQCRAAQSD=BCPPFJOAKIKFICNBOBECDCDF
> User-Agent: Mozilla/4.0 (Windows 2000 5.0) Java/1.4.2_06
> Host: intranet.medipart.com
> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
> Connection: keep-alive
This one is obviously bad. The GET and cookie lines have no business being
there, and in fact indicates a serious information leakage bug in the
client if this is indeed meant to be a CONNECT request for an https://
resource (which looks as it is the case).
Regards
Henrik
Received on Thu Feb 10 2005 - 02:33:08 MST
This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST