X-PAD：避免浏览器错误头球攻门被加入阿帕奇 [英] X-Pad: avoid browser bug header added by apache

问题描述

我看到这个标题附加到来自Apache的响应。是否有新时代的浏览器的任何意义;或者它只是有规避的错误在旧版本的Netscape。似乎不可思议。

I see this header appended to the response from apache. Does it have any significance in new age browsers; or it's merely there to circumvent a bug in older versions of Netscape. Seems weird.

修改

我是做对我们的应用程序性能测试，当我看到在JMeter中响应文本，有说回来这个奇怪的标题。它说：

I was doing a performance testing on our app, when I saw that in Jmeter response text, there was this weird header that comes back. It said:

X-pad: avoid browser bug

这就是它！
于是，我尝试了一些google搜索，它似乎是增加了对Netscape浏览器错误的标题。不管怎样，我还是好奇，既然我们是如此远离浏览器（谢天谢地）的这些版本，有一个坚实的理由，它仍然存在。
我们使用的Apache2。

Thats it! So I tried some googling, and it seemed like a header added for Netscape browsers' bug. Anyway, I am still curious, that since we are so far away from those versions of browser (thankfully), is there a solid reason that it's still there. We use apache2.

希望这些细节帮助。

干杯

推荐答案

不，这是一个发育不全的头时下;也就是说，它被放在那里来解决一个bug在浏览器是过时的（几代比IE6旧的 - ！报道的bug 15年前固定为1997年的），没有人使用它了

Nope, it's a vestigial header nowadays; that is to say, it was put there to work around a bug in a browser which is obsolete (several generations older than IE6 - the bug was reported fixed as of 1997, 15 years ago!) and nobody uses it any more.

<一个href=\"http://mail-archives.apache.org/mod_mbox/httpd-cvs/200812.mbox/%3C20081205051015.456402388879@eris.apache.org%3E\">The补丁删除它是在2008年以来Apache的SVN，但它显然还没有传播到所有发行（加上一些网站可能使用Apache的未更新的版本）。

The patch to remove it is in Apache's SVN since 2008, but it apparently still hasn't propagated to all distributions (plus some sites may use non-updated versions of Apache).

下面对标题中的评论，拿起<一个href=\"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/http/http_filters.c?r1=722081&r2=723585\">from源：

Here's the comment for the header, picked up from the source:

/* Navigator versions 2.x, 3.x and 4.0 betas up to and including 4.0b2
 * have a header parsing bug.  If the terminating \r\n occur starting
 * at offset 256, 257 or 258 of output then it will not properly parse
 * the headers.  Curiously it doesn't exhibit this problem at 512, 513.
 * We are guessing that this is because their initial read of a new request
 * uses a 256 byte buffer, and subsequent reads use a larger buffer.
 * So the problem might exist at different offsets as well.
 *
 * This should also work on keepalive connections assuming they use the
 * same small buffer for the first read of each new request.
 *
 * At any rate, we check the bytes written so far and, if we are about to
 * tickle the bug, we instead insert a bogus padding header.  Since the bug
 * manifests as a broken image in Navigator, users blame the server.  :(
 * It is more expensive to check the User-Agent than it is to just add the
 * bytes, so we haven't used the BrowserMatch feature here.
 */

这篇关于X-PAD：避免浏览器错误头球攻门被加入阿帕奇的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！