某些客户端的HTTP标头随机替换了字符 [英] HTTP headers from some clients have characters randomly replaced

问题描述

进行网络流量和日志分析，但是从客户端传递了大量格式错误的标头。这些字符转换或替换为x。

Doing web traffic and log analysis, but there are a lot of malformed headers being passed from clients. These have characters transposed or replaced with "x"'s.

有谁知道它们来自哪里或为什么？
这是某种安全性的尝试，还是更邪恶的事情？

Does anyone know where they come from or why? Is this some kind of attempt at security, or something more nefarious?

示例：

xroxy-connection: Keep-Alive
cneoction: close
nncoection: close
ocpry-connection: Keep-Alive
pxyro-connection: close
proxy-~~~~~~~~~~: ~~~~~~~~~~
x-xorwarded-for: 000.00.00.000
Referer: http://www.example.xom/nxws/article/2009-1x-21/?cid=4xxx00x2-0x60x3x0

推荐答案

查看错过的Cneonctions 部分nofollow noreferrer>使用HTTP标头的乐趣。作者认为：

Check out the Missed Cneonctions section of Fun With HTTP Headers. The author thinks:

我现在相信这是由一个hackish硬件负载均衡器
尝试b $ b代理
内部服务器时，删除连接
关闭标头。这样，
连接可以保持打开，图像
可以通过相同的
TCP连接传输，而后端web
服务器不需要修改为
all。

I now believe this is something done by a hackish hardware load balancer trying to "remove" the connection close header when proxying for an internal server. That way, the connection can be held open and images can be transmitted through the same TCP connection, while the backend web server doesn’t need to be modified at all.

这篇关于某些客户端的HTTP标头随机替换了字符的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！