httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject Re: mod_deflate DoS using HEAD
Date Thu, 16 Jul 2009 15:15:47 GMT
Plüm, Rüdiger, VF-Group wrote:
> Good point. So your patch would invalidate a cached entity if the
> response to a GET delivered a C-L header, since HEAD and GET would
> deliver different C-L headers.
> OTOH I think only very small or extremely compressable responses (whether
> static or not) would have a C-L in the response to a GET, because everything
> that exceeeds a zlib buffer would be delivered chunked anyway.

We don't really want to gzip that single buffer though, either.  The prime
concern here is CPU cycles.  In this case, there is no advantage to
performing that compression, and inconsistent behavior leads cache and
proxy authors down unfortunate assumptions.

View raw message