Scope
Need to implement RFC 7233: handle partial responses received from the upstream server, with possible caching, and perform range requests. See RFC 7234 3.1 and RFC 7234 3.3 as well.
The issue depends on #498: if streaming mode is used we can send a 200 OK status on the first skb received from upstream, but the response may not be transferred fully after that. In such a case we should store the partial response in the cache with a 206 status. The client requesting the message, i.e. the first client whose request faced the upstream connection termination, will receive the partial response with a 200 status. This behavior must be documented as a compromise between proxying performance and response status accuracy.
tfw_thr_mgr (#515) must be extended to download incomplete responses in the background.
The design must be done according to CDN Backfired: Amplification Attacks Based on HTTP Range Requests: appropriate attack prevention measures need to be employed.
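As an added example (not Tempesta FW code), the following C snippet shows the kind of Range header handling the prevention measures imply: it parses an RFC 7233 `bytes=` range set, resolves it against the representation length, and classifies the request as ignorable (serve 200), satisfiable (206), unsatisfiable (416), or abusive (too many or overlapping ranges, which RFC 7233 6.1 names as a denial-of-service indicator and the paper above exploits for amplification). The `MAX_RANGES` cap and the "reject any overlap" policy are assumptions for this example, not Tempesta settings.

```c
/* Added example, not Tempesta FW code: parse and police an RFC 7233 Range
 * header. MAX_RANGES and the overlap policy are assumed, not a project setting. */
#include <ctype.h>
#include <limits.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

#define MAX_RANGES 4  /* assumed cap on byte-range-specs per request */

enum range_verdict {
	RANGE_NONE,          /* absent, unknown unit or malformed: ignore, serve 200 */
	RANGE_OK,            /* satisfiable: serve 206 with the resolved ranges */
	RANGE_UNSATISFIABLE, /* every range lies outside the body: serve 416 */
	RANGE_ABUSIVE,       /* too many or overlapping ranges: reject the request */
};

struct byte_range { long first, last; };

/* Parse a decimal number, refusing overflow so huge values read as malformed. */
static bool parse_long(const char **p, long *v)
{
	const char *s = *p;
	long acc = 0;
	if (!isdigit((unsigned char)*s))
		return false;
	for (; isdigit((unsigned char)*s); s++) {
		if (acc > (LONG_MAX - (*s - '0')) / 10)
			return false;
		acc = acc * 10 + (*s - '0');
	}
	*v = acc;
	*p = s;
	return true;
}

static int cmp_first(const void *a, const void *b)
{
	long x = ((const struct byte_range *)a)->first;
	long y = ((const struct byte_range *)b)->first;
	return (x > y) - (x < y);
}

/* Parse @hdr (the Range field value) for a body of @len bytes. On RANGE_OK,
 * @out holds @*n resolved, ascending, non-overlapping ranges. */
enum range_verdict range_parse(const char *hdr, long len,
			       struct byte_range out[MAX_RANGES], size_t *n)
{
	struct byte_range raw[MAX_RANGES];
	size_t cnt = 0, k = 0, i;
	const char *p;

	*n = 0;
	if (!hdr || strncmp(hdr, "bytes=", 6))
		return RANGE_NONE; /* unknown range unit: header is ignored */
	p = hdr + 6;
	for (;;) {
		long first = -1, last = -1;
		bool hf, hl;
		while (*p == ' ' || *p == '\t') p++;
		hf = parse_long(&p, &first);
		if (*p++ != '-')
			return RANGE_NONE;
		hl = parse_long(&p, &last);
		if (!hf && !hl)
			return RANGE_NONE;    /* a bare "-" is not a spec */
		if (hf && hl && first > last)
			return RANGE_NONE;    /* invalid byte-range-spec (RFC 7233 2.1) */
		if (cnt == MAX_RANGES)
			return RANGE_ABUSIVE; /* more ranges than the assumed cap */
		raw[cnt].first = hf ? first : -1;
		raw[cnt].last = hl ? last : -1;
		cnt++;
		while (*p == ' ' || *p == '\t') p++;
		if (*p == '\0')
			break;
		if (*p++ != ',')
			return RANGE_NONE;
	}
	/* Resolve each spec against @len; unsatisfiable ones are dropped. */
	for (i = 0; i < cnt; i++) {
		long f = raw[i].first, l = raw[i].last;
		if (f < 0) {            /* suffix-byte-range-spec "-N": last N bytes */
			if (l == 0 || len == 0)
				continue;
			f = l >= len ? 0 : len - l;
			l = len - 1;
		} else {                /* "first-last" or open-ended "first-" */
			if (f >= len)
				continue;
			if (l < 0 || l >= len)
				l = len - 1;
		}
		out[k].first = f;
		out[k].last = l;
		k++;
	}
	if (!k)
		return RANGE_UNSATISFIABLE;
	/* Overlapping ranges multiply the response size: refuse them outright. */
	qsort(out, k, sizeof(*out), cmp_first);
	for (i = 1; i < k; i++)
		if (out[i].first <= out[i - 1].last)
			return RANGE_ABUSIVE;
	*n = k;
	return RANGE_OK;
}

/* One-call helpers: the verdict alone, or a check on the i-th resolved range. */
int range_verdict_of(const char *hdr, long len)
{
	struct byte_range r[MAX_RANGES];
	size_t n;
	return range_parse(hdr, len, r, &n);
}

int range_nth_is(const char *hdr, long len, size_t i, long first, long last)
{
	struct byte_range r[MAX_RANGES];
	size_t n;
	if (range_parse(hdr, len, r, &n) != RANGE_OK || i >= n)
		return 0;
	return r[i].first == first && r[i].last == last;
}
```

The split between `RANGE_NONE` and `RANGE_ABUSIVE` matters for the cache: a malformed header falls back to the full 200 response (RFC 7233 says unknown units and invalid specs are ignored), while an abusive set is rejected before any upstream fetch or cache lookup, so a stored 206 can never be expanded into a multipart reply many times its own size. Functional tests for the attack scenarios can drive this classifier with the range sets from the paper and assert that each lands on `RANGE_ABUSIVE`.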
Test
Need to implement functional tests for attack scenarios from the paper.