Re: AOL "proxy" behavior?

From: Mike Arnold (mike@midkaemia.fsnet.co.uk)
Date: 08/19/02


From: Mike Arnold <mike@midkaemia.fsnet.co.uk>
To: "Michael  B. Morell" <MMorell@vdat.com>, "'incidents@securityfocus.com'" <incidents@securityfocus.com>
Date: Mon, 19 Aug 2002 22:18:02 +0100

On Monday 19 Aug 2002 8:32 pm, Michael B. Morell wrote:
> I was wondering if anyone can verify a pattern that I just came across.

Maybe - read on!

> So my question is, does anyone know whether or not that this is some sort
> of valid AOL proxy behavior where a request for a single page can go thru
> multiple proxies? Spawning multiple proxies to request information that
> generally only 1 proxy would get. (ie, a request for a web page resulted
> in 3 different hosts getting different parts of the page, all off of the
> same aspsession id)

1 question: How do you know they got different parts of the page?

OK. I never like to make assumptions, but I will make one here. I am assuming
you are answering requests to http:// and NOT https:// where you see this
problem.

We have seen a very similar problem from both AOL proxy servers and Freeserve
proxy servers. Basically the proxy is either misconfigured or just plain
broken and actually caches HTTP headers as well as page content. We saw it
for a session cookie, not the asp session, but one of our own, and it
resulted in some application confusion to say the least. Don't know if this
is the case now or not.

The problem was when a session went https:// -> http:// -> https://. If 2
people followed this path, then the second had picked up the cookie of the
first when returning to https://.

Our fix was simple. We removed the http:// links within the same domain and
made them https://. Shouldn't have been there anyway. Not sure how you would
fix it for simple http:// requests though. The cookie will probably be being
spread across the different proxies by load balancing if that is the case.
Can't explain why they would be sequential though unless they had all logged
on at the same time and come to view your site at the same time.

Don't know if that answers it, but that's what we saw!

Mike

--

"In their capacity as a tool, computers will be but a ripple on the surface of our culture. In their capacity as intellectual challenge, they are without precedent in the cultural history of mankind." Edsger Wybe Dijkstra on Computers
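The mechanism Mike describes, reconstructed as an added example (not code from the post, nor from any AOL or Freeserve proxy): a simulated shared caching proxy that stores a whole response, Set-Cookie header included, so the second user through it receives the first user's session cookie, beside an origin-side mitigation and an audit check for responses that set a cookie without forbidding shared caching. The origin, URL and cookie name are hypothetical; the Cache-Control mitigation only helps caches that honour it, which is why the post's own fix was to keep such links on https://.

```python
from dataclasses import dataclass
from typing import Dict


@dataclass
class Response:
    headers: Dict[str, str]
    body: str


def origin(user: str, hardened: bool) -> Response:
    """Hypothetical origin that hands each logged-in user a session cookie."""
    headers = {"Set-Cookie": f"SESSION={user}-token; Path=/"}
    if hardened:
        # Mitigation: mark the response as user-specific so a shared cache
        # that follows HTTP caching rules will not store it for other users.
        headers["Cache-Control"] = "private, no-store"
    return Response(headers, f"Welcome, {user}")


def shared_cache_may_store(headers: Dict[str, str]) -> bool:
    """True when nothing in Cache-Control stops a shared cache storing this."""
    cc = headers.get("Cache-Control", "").lower()
    return "private" not in cc and "no-store" not in cc


def leaks_set_cookie(headers: Dict[str, str]) -> bool:
    """Audit check: the response sets a cookie yet a shared cache may keep it."""
    return "Set-Cookie" in headers and shared_cache_may_store(headers)


class SharedProxy:
    """Caching proxy that stores whole responses, headers included, whenever
    Cache-Control allows it (simulates the behaviour described in the post)."""

    def __init__(self) -> None:
        self.cache: Dict[str, Response] = {}

    def fetch(self, url: str, user: str, hardened: bool) -> Response:
        if url in self.cache:            # cache hit: the requesting user is ignored
            return self.cache[url]
        resp = origin(user, hardened)
        if shared_cache_may_store(resp.headers):
            self.cache[url] = resp       # Set-Cookie is stored along with the body
        return resp


def session_leaks(hardened: bool) -> bool:
    """True if 'bob' is handed 'alice's session cookie through the proxy."""
    proxy = SharedProxy()
    url = "http://app.example.test/account"    # constructed sample URL
    proxy.fetch(url, "alice", hardened)
    bob = proxy.fetch(url, "bob", hardened)
    return "alice" in bob.headers["Set-Cookie"]
```

With the default origin the leak reproduces; with the hardened headers the proxy refuses to cache the response and each user keeps their own cookie.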

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
