[PATCH] Re: Possible Vulnerability in httpd.c
Mattias Schlenker
ms at mattiasschlenker.de
Mon Nov 21 19:14:02 UTC 2016
Am 21.11.2016 um 18:08 schrieb walter harms:
> the only reason we need to buffer everything is because of IE whatever.
> Can someone confirm that this is still needed ?
AFAIK this was a valid issue until IE6. IE versions 7 and up should have
no problems with headers plus small HTML page in one packet. Neither it
does have with large headers (cookies and stuff) sent in more than one
packet. (I yet have to dig out a few VMs and test) IE6 was supported
with patches for regular users until about two years ago and still
remains supported for paying customers who prefer to pay for support
instead of moving away from 15 year old software.
If it was up to me, I would prefer to clean up code while being at risk
to break interoperability with very old browsers.
Yours,
Mattias
--
Mattias Schlenker - Freier IT-Fachredakteur und -autor
redaktion at mattiasschlenker.de
Mattias Schlenker - IT-Consulting, Softwareentwicklung
consulting at mattiasschlenker.de
Address__ August-Bebel-Str. 74 - D-04275 LEIPZIG - GERMANY
Phone: +49 341 39290767 Fax: +49 341 30393578
Mobile: +49 163 6953657 Another mobile: +49 159 03160327
VATIN_________________________________________ DE240998538
Fork me!____________________ https://github.com/mschlenker
Website.__________________ http://www.mattiasschlenker.de/
My books!___________ http://www.arduino-hausautomation.de/
More information about the busybox
mailing list