You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Scott Beardsley (JIRA)" <ji...@apache.org> on 2014/11/05 23:23:34 UTC

[jira] [Comment Edited] (TS-3172) Http/1.0 allowed even when only Http/1.1 configured as session protocol

    [ https://issues.apache.org/jira/browse/TS-3172?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14199214#comment-14199214 ] 

Scott Beardsley edited comment on TS-3172 at 11/5/14 10:22 PM:
---------------------------------------------------------------

I see this as a feature... can we continue allowing "protocol sniffing" on TLS ports?

EDIT: disregard... feature is requested in TS-3173


was (Author: sc0ttbeardsley):
I see this as a feature... can we continue allowing "protocol sniffing" on TLS ports?

> Http/1.0 allowed even when only Http/1.1 configured as session protocol
> -----------------------------------------------------------------------
>
>                 Key: TS-3172
>                 URL: https://issues.apache.org/jira/browse/TS-3172
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>    Affects Versions: 5.1.0
>            Reporter: Sudheer Vinukonda
>            Assignee: Sudheer Vinukonda
>
> With the below configuration restricting http/1.0 for the TLS ports, I still see that http/1.0 requests are not rejected.
> {code}
> % sudo traffic_line -m . | grep server_ports
> proxy.config.http.server_ports 80:proto=http/1.1
> {code}
> {code}
> % curl -0  -v http://myproxy.com --o /dev/null
> * About to connect() to myproxy. port 80 (#0)
> *   Trying xx.xx.xx.xxx... connected
> * Connected to myproxy.com (xx.xx.xx.xxx) port 80 (#0)
> > GET / HTTP/1.0
> > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> > Host: myproxy.com
> > Accept: */*
> > 
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
>                                  Dload  Upload   Total   Spent    Left  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* HTTP 1.0, assume close after body
> < HTTP/1.0 404 Not Found
> < Content-Type: text/html
> < Content-Length: 345
> < Date: Wed, 05 Nov 2014 18:48:58 GMT
> < Server: ATS
> < Age: 0
> < Via: http/1.1 myproxy.com (ApacheTrafficServer/5.0.1)
> < 
> { [data not shown]
> 115   345  115   345    0     0  42846      0 --:--:-- --:--:-- --:--:-- 69000* Closing connection #0
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)