X-Pad:避免 apache 添加的浏览器错误标头 [英] X-Pad: avoid browser bug header added by apache
问题描述
我看到这个标头附加到来自 apache 的响应中.它在新时代的浏览器中有什么意义吗?或者它只是为了规避旧版本的 Netscape 中的错误.看起来很奇怪.
编辑
我正在对我们的应用程序进行性能测试,当我在 Jmeter 响应文本中看到它时,返回了这个奇怪的标头.它说:
X-pad:避免浏览器bug就是这样!所以我尝试了一些谷歌搜索,它似乎是为 Netscape 浏览器的错误添加的标题.无论如何,我仍然很好奇,既然我们离那些版本的浏览器很远(谢天谢地),是否有充分的理由让它仍然存在.我们使用 apache2.
希望这些细节能有所帮助.
干杯
不,现在它只是一个残留的标题;也就是说,它被放在那里是为了解决浏览器中一个过时的错误(比 IE6 早几代 - 据报告该错误在 15 年前的 1997 年已修复!)并且没有人再使用它.
自 2008 年以来,用于删除它的补丁就在 Apache 的 SVN 中,但它显然还没有传播到所有发行版(而且某些站点可能使用未更新版本的 Apache).
这是标题的注释,摘录 来自来源:
/* Navigator 版本 2.x、3.x 和 4.0 测试版直到并包括 4.0b2* 有一个标题解析错误.如果终止 \r\n 发生在开始* 在输出的偏移量 256、257 或 258 处,它将无法正确解析* 标题.奇怪的是,它在 512、513 上没有出现这个问题.* 我们猜测这是因为他们对新请求的初始读取* 使用 256 字节缓冲区,后续读取使用更大的缓冲区.* 所以问题也可能存在于不同的偏移量.** 这也应该适用于 keepalive 连接,假设它们使用* 每个新请求的第一次读取都使用相同的小缓冲区.** 无论如何,我们检查到目前为止写入的字节,如果我们即将* 解决这个问题,我们改为插入一个虚假的填充标题.由于错误* 在导航器中显示为损坏的图像,用户归咎于服务器.:(* 检查 User-Agent 比只添加* 字节,所以我们这里没有使用 BrowserMatch 功能.*/I see this header appended to the response from apache. Does it have any significance in new age browsers; or it's merely there to circumvent a bug in older versions of Netscape. Seems weird.
EDIT
I was doing a performance testing on our app, when I saw that in Jmeter response text, there was this weird header that comes back. It said:
X-pad: avoid browser bug
Thats it! So I tried some googling, and it seemed like a header added for Netscape browsers' bug. Anyway, I am still curious, that since we are so far away from those versions of browser (thankfully), is there a solid reason that it's still there. We use apache2.
Hopefully those details help.
Cheers
Nope, it's a vestigial header nowadays; that is to say, it was put there to work around a bug in a browser which is obsolete (several generations older than IE6 - the bug was reported fixed as of 1997, 15 years ago!) and nobody uses it any more.
The patch to remove it is in Apache's SVN since 2008, but it apparently still hasn't propagated to all distributions (plus some sites may use non-updated versions of Apache).
Here's the comment for the header, picked up from the source:
/* Navigator versions 2.x, 3.x and 4.0 betas up to and including 4.0b2
* have a header parsing bug. If the terminating \r\n occur starting
* at offset 256, 257 or 258 of output then it will not properly parse
* the headers. Curiously it doesn't exhibit this problem at 512, 513.
* We are guessing that this is because their initial read of a new request
* uses a 256 byte buffer, and subsequent reads use a larger buffer.
* So the problem might exist at different offsets as well.
*
* This should also work on keepalive connections assuming they use the
* same small buffer for the first read of each new request.
*
* At any rate, we check the bytes written so far and, if we are about to
* tickle the bug, we instead insert a bogus padding header. Since the bug
* manifests as a broken image in Navigator, users blame the server. :(
* It is more expensive to check the User-Agent than it is to just add the
* bytes, so we haven't used the BrowserMatch feature here.
*/
这篇关于X-Pad:避免 apache 添加的浏览器错误标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
