On Wed, Oct 9, 2013, at 20:35, Amos Jeffries wrote:
> All such online header tools are really only delivering a report of the
> headers which reached them. None of them have ever displayed "The
> Truth"(tm). The internals of the browser itself contains a set of layers
> doing header additions and changes. The same is (supposed to be) true of
> every extra layer of software proxies across the network.
I just can't believe that someone would just keep a lying tool up.
Maybe I'll send him an email.
> This case is a great example of how no matter what header manipulation
> you do in your own proxy it cannot change what others are doing to the
> traffic elsewhere. The CDN he uses adding its own X-Forwarded-* headers.
> Your own upstream provider might add the X-Forwarded-For header adding
> details about you. Every proxy along the way removes existing hop-by-hop
> headers and adds new ones.
Crumcast shouldn't be manipulating my HTML headers; that would cost too
much.
> One interesting case here is that if you add X-Forwarded-For on your
> requests, does that value show up at his end?
I did try setting it to 127.0.0.1, but it didn't fool him.
Interestingly I run NoScript and have all scripting turned off for his
site, yet he still comes up with my IP. Hm, maybe Crumcast is narcking
me out.
-- http://www.fastmail.fm - One of many happy users: http://www.fastmail.fm/help/overview_quotes.htmlReceived on Thu Oct 10 2013 - 04:53:11 MDT
This archive was generated by hypermail 2.2.0 : Thu Oct 10 2013 - 12:00:05 MDT