[Reference:<_A3306@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: CFI with Windows : still a strange problem ...
15 Jun 2006 09:56:52 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project

Xavier,

In message <_A3306@delegate-en.ML_> on 06/15/06(17:12:44)
you "Xavier Cheney" <p2mgabdyi-jmfhzl7cqqdw.ml@delegate.org> wrote:
 |    I still have a very strange and particular problem using CFI with
 |Windows.
 |
 |    I use DeleGate like an HTTP proxy server with filtering, with 9.2.2
 |version (which enables http://https.* -> https://*) under Windows (XP
 |Professional SP2).
 |
 |    On a special URL (I didn't have problems with others), the CFI filter is
 |not executed when it's the first time access for the browser.
 |    The URL is "http://https.cartevaloise.valdoise.fr/FrontOffice/". Note
 |that I do the SSL conversion, to be able to filter data.
 |
 |    If I open Firefox (or IE) and I try to access this URL, the filter doesn't
 |work (the problem). If I still re-input the URL, this time the filter
 |works! If I stop delegate, and re-execute it without closing browser and
 |re-input the URL, the filter still works ... So, I think that delegate doesn't
 |filter some particular URL when it's the first browser access ...
 |
 |  Here is the (quite long) first access log to this URL.
 |  If you have any "idea" ... thanks,

The response message header of the page includes
"Set-Cookie: JSESSIONID=...; Secure" when the client visited it
for the first time, that is, requested without "Cookie: JSESSIONID=..."
in the request message header.

The "Secure" flag in Set-Cookie needs to be removed when relaying from
an HTTPS server to an HTTP client who accesses the server as a usual
HTTP server, not as an HTTPS (Secure) server.
So DeleGate does so.

The problem is in the implementation of removing a parameter value
in a Cookie by "httphead.c:delParam()".  The implementation erases
the ending CR LF by mistake, breaking the next field, which is
Content-Type in this case as follows:

  Set-Cookie: JSESSIONID=...; Secure
  Content-Type: text/html

  =>

  Set-Cookie: JSESSIONID=...; Content-Type: text/html

;-)
Thus if your CFI is conditional with Content-Type, it does not work
in this case.
The bug will be fixed as in the enclosed patch.

Cheers,
Yutaka
--
  D G   Yutaka Sato <pfqcabdyi-jmfhzl7cqqdw.ml@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** ../arc/delegate9.2.2/src/httphead.c	Mon May 29 15:02:04 2006
--- src/httphead.c	Thu Jun 15 18:51:13 2006
***************
*** 1535,1547 ****
--- 1535,1554 ----
  		}
  		if( *dp == ';' )
  			dp++;
+ 
+ 		/*
  		while( isspace(*dp) )
+ 		*/
+ 		while( isspace(*dp) && *dp != '\r' && *dp != '\n' )
  			dp++;
  		if( strcaseeq(name1,name) ){
  			ovstrcpy((char*)pp,dp);
  			ndel++;
  		}else{
  			pp = (char*)dp;
+ 		}
+ 		if( *dp == '\r' || *dp == '\n' ){
+ 			break;
  		}
  	}
  	return ndel;
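
Review bot: In the delete branch, the new end-of-line test "if( *dp == '\r' || *dp == '\n' )" reads *dp after ovstrcpy((char*)pp,dp) has already run. If ovstrcpy shifts the tail of the buffer down onto pp, as its name and arguments suggest, the byte at dp is no longer the CR the scan stopped on, so when the deleted parameter is the last one on the line (the "; Secure" case from the report) the break may not fire and the loop may go on scanning into the next header field. Suggest evaluating the end-of-line condition before the copy and keeping it in a local, or testing *pp instead of *dp after a deletion. Two smaller points in the same hunk: isspace(*dp) should be given (unsigned char)*dp, since passing a plain char with a negative value is undefined behaviour, and the superseded "while( isspace(*dp) )" is better deleted than left inside a comment.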

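The header corruption described in the message, reproduced as an added example that is not DeleGate's code or part of the original post: del_attr() and its keep_eol switch are hypothetical names, and the response header is a constructed sample. With keep_eol set to 0 the whitespace skip uses isspace() and swallows the CR LF, merging Content-Type into Set-Cookie; with 1 it skips blanks only and the field boundary survives.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Illustration only, not DeleGate's delParam(). Removes attribute `name` from
 * the ';'-separated attributes of the header line at `line`, which sits in a
 * buffer of CRLF-terminated fields. Returns the number of attributes removed.
 * keep_eol == 0 reproduces the bug; keep_eol == 1 never steps past CR LF. */
int del_attr(char *line, const char *name, int keep_eol)
{
    size_t nlen = strlen(name);
    int ndel = 0;
    char *pp = line + strcspn(line, ";\r\n");
    if (*pp != ';')
        return 0;                       /* no attributes on this line */
    for (pp++; *pp == ' ' || *pp == '\t'; pp++)
        ;                               /* pp: start of first attribute */
    while (*pp != '\0' && *pp != '\r' && *pp != '\n') {
        char *np = pp + strcspn(pp, "=;\r\n");  /* end of attribute name */
        char *dp = np + strcspn(np, ";\r\n");   /* end of attribute value */
        if (*dp == ';')
            dp++;
        if (keep_eol)                   /* fixed: skip blanks only */
            while (*dp == ' ' || *dp == '\t')
                dp++;
        else                            /* buggy: isspace() also eats CR LF */
            while (isspace((unsigned char)*dp))
                dp++;
        if ((size_t)(np - pp) == nlen && strncasecmp(pp, name, nlen) == 0) {
            memmove(pp, dp, strlen(dp) + 1);    /* close the gap in place */
            ndel++;
        } else {
            pp = dp;
        }
    }
    return ndel;
}

int main(void)
{
    /* Constructed sample response header, modelled on the one in the message. */
    char bad[]  = "Set-Cookie: JSESSIONID=abc; Secure\r\nContent-Type: text/html\r\n\r\n";
    char good[] = "Set-Cookie: JSESSIONID=abc; Secure\r\nContent-Type: text/html\r\n\r\n";
    del_attr(bad, "Secure", 0);
    del_attr(good, "Secure", 1);
    printf("buggy:\n%s---\nfixed:\n%s", bad, good);
    return 0;
}
```

The loop condition is checked against pp after each deletion, so the end of the line is detected on the bytes that are actually there once the buffer has been shifted.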