IPP Mail Archive: IPP> RE: MOD - What is a Firewall?

Carl-Uno Manros (manros@cp10.es.xerox.com)
Tue, 9 Jun 1998 09:51:45 PDT

At 09:38 PM 6/5/98 PDT, Josh Cohen wrote:
>
>
>> -----Original Message-----
>> From: Carl-Uno Manros [mailto:carl@manros.com]
>> Sent: Friday, June 05, 1998 11:51 AM
>> To: http-wg@cuckoo.hpl.hp.com
>> Subject: MOD - What is a Firewall?
>>
>>
>> 1) Host address    TCP/IP address
>> 2) Port number     Default 80 for HTTP
>> 3) Protocol        "http" for HTTP
>> 4) Method          POST etc. for HTTP
>> 5) Content         HTML etc.
>>
>Let's add a level, so it's:
>
> 1) Host address    TCP/IP address
> 2) Port number     Default 80 for HTTP
> 3) Protocol        "http" for HTTP
> 4) Method          POST etc. for HTTP
> 5) Content-type    text/HTML etc.
> 6) content body filtering (Firewall/proxy attempts to parse the IPP body)
>
>I wasn't sure if you meant for 5 to be my 5 or 6.
>It's much easier to filter by the http header content-type: than
>to parse the body and try to filter that way, although both can
>technically be done.
>
>Some proxies can filter the body content; they can, for example,
>strip unwanted HTML tags like embedded scripts or Java references.
>Though it is possible in these products, the task of parsing
>the bodies is such a performance hit, virtually no one uses it
>and proxy implementors tend to stick to the guideline that proxies
>do not parse the entity-body in HTTP.
>(At least the implementors I worked with)
>

What I intended at 5) was that the first few bytes of the content
are read, which in most cases is enough to determine the kind of
content that follows. It would be a really bad idea to try to read the
WHOLE content.

Carl-Uno
Carl-Uno Manros
Principal Engineer - Advanced Printing Standards - Xerox Corporation
701 S. Aviation Blvd., El Segundo, CA, M/S: ESAE-231
Phone +1-310-333 8273, Fax +1-310-333 5514
Email: manros@cp10.es.xerox.com
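
The two checks discussed in this thread (the Content-Type header at level 5, and reading only the first few bytes of the body rather than the whole content), shown as an added example that is not part of the original messages or of any product mentioned. The function names, the 16-byte peek limit, the allow-list and the sample bodies are assumptions made for illustration; the IPP check is a heuristic based on the fixed start of an IPP request (version, operation-id, request-id, then the first attribute-group tag).

```python
import struct

PEEK = 16  # bytes of body the filter may read; the rest is never parsed

# Constructed sample bodies (not captured traffic).
IPP_SAMPLE = (struct.pack(">BBHIB", 1, 0, 0x0002, 1, 0x01)
              + b"\x47\x00\x12attributes-charset")
HTML_SAMPLE = b"<html><body>hello</body></html>"


def sniff(body: bytes) -> str:
    """Guess the kind of content from the first PEEK bytes only."""
    head = body[:PEEK]
    if head.lstrip().lower().startswith((b"<html", b"<!doctype")):
        return "text/html"
    if len(head) >= 9:
        major, _minor, op, request_id, tag = struct.unpack(">BBHIB", head[:9])
        # Heuristic: plausible version, operation-id and request-id,
        # followed by the operation-attributes group tag (0x01).
        if (major in (1, 2) and 0x0002 <= op <= 0x8FFF
                and 1 <= request_id < 2**31 and tag == 0x01):
            return "application/ipp"
    return "unknown"


def decide(method: str, content_type: str, body: bytes,
           allowed=("application/ipp",)) -> str:
    """Apply level 4 (method), level 5 (Content-Type), then the body peek."""
    if method.upper() != "POST":
        return "deny: method"
    declared = content_type.split(";", 1)[0].strip().lower()
    if declared not in allowed:
        return "deny: content-type"
    # The header is only a claim by the sender; the peek checks that the
    # first bytes are consistent with it without parsing the whole body.
    if sniff(body) != declared:
        return "deny: body prefix does not match content-type"
    return "allow"


if __name__ == "__main__":
    for args in [("POST", "application/ipp", IPP_SAMPLE),
                 ("POST", "application/ipp", HTML_SAMPLE),
                 ("POST", "text/html; charset=utf-8", HTML_SAMPLE),
                 ("GET", "application/ipp", IPP_SAMPLE)]:
        print(args[0], args[1], "->", decide(*args))
```
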