[squid-users] BWS after chunk-size
ohmuro
ohmuro at iij.ad.jp
Thu Apr 4 07:47:02 UTC 2024
Hi Amos
Thank you for your reply.
I would like the behavior to be aligned with major browsers, but I
understand why it was fixed.
and agree that software that adds bad whitespace to protocol syntax is a
problem.
>> However, after the fix for SQUID2023:1 in 5.9, it seems that it does
not work properly.
>>
<https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh>
>>
> Indeed. That particular broken syntax is being intentionally rejected
as a security attack.
>
I would like to report that in my Squid 5.9, accessing a website that
has BWS added, a blank screen appears instead of an error message.
Best regards,
Mitsumasa Ohmuro
More information about the squid-users
mailing list