Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Nov 1998 17:29:23 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
Cc:        Per Kristian Hove <perhov@phys.ntnu.no>, freebsd-security@FreeBSD.ORG, Andrew McNaughton <andrew@squiz.co.nz>
Subject:   Re: pkhttpd (Was: Would this make FreeBSD more secure?)
Message-ID:  <199811210129.RAA19628@apollo.backplane.com>
References:   <XFMail.981120210507.asmodai@wxs.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 
:>     so as clients conform to 1.1, the server is guarenteed the ability to 
:>     determine the virtual host from the Host: header rather then having to
:>     assign unique IP's to each virtual host.
:> 
:>     note(1): the server is required to return a failure code if the client
:>     says it is using HTTP/1.1 but does not supply a Host: mime header.
:
:OK, that's all cute ;)
:
:But how big would a fully functional HTTP 1.0 or 1.1 compliant server be?
:Because for embedded systems (read picoBSD) we need to make such decisions and
:based on the results implement them.
:
:*digs out the RFC specs...*

    If you don't use the fancier features it's fairly easy to write a web
    server.  Writing a scaleable web server is a different matter, but even
    so it isn't going to be all that big.

    A short list of optional features that you do not have to implement 
    include:

	byte serving (Range: header)

	persistent connections

	proxy functions

	content matching

    Common features you should/must deal with properly:  

	Handling missing trailing slashes properly (by returning a 
	redirect)

	code 100 processing (if implementing HTTP/1.1)

	Handling content-length, POST data

	Handling If-modified-Since

	Handling Authorization if you intend to password-protect
	the system using authorization mechanisms.

	Properly escaping input and output strings according to the spec.

						-Matt

:---
:Jeroen Ruigrok van der Werven/Asmodai
:asmodai(at)wxs.nl                   |  Cum angelis et pueris,
:Junior Network/Security Specialist  |  fideles inveniamur
:*BSD & picoBSD: The Power to Serve... <http://www.freebsd.org>;
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-security" in the body of the message
:

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811210129.RAA19628>