[tor-bugs] #12778 [meek]: Put meek HTTP headers on a diet

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 9 06:22:17 UTC 2014 

#12778: Put meek HTTP headers on a diet
-----------------------------+-----------------
     Reporter:  dcf          |      Owner:  dcf
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  meek         |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------

Comment (by dcf):

 Replying to [comment:2 dcf]:
 > Here's what server headers look like.
 >
 > Google App Engine, 174 bytes.
 > {{{
 > HTTP/1.1 200 OK\r\n
 > Server: Google Frontend\r\n
 > Date: Mon, 04 Aug 2014 07:08:40 GMT\r\n
 > Content-Type: application/octet-stream\r\n
 > Content-Length: 65536\r\n
 > Alternate-Protocol: 443:quic\r\n
 > \r\n
 > }}}
 >
 > Amazon CloudFront, 321 bytes.
 > {{{
 > HTTP/1.1 200 OK\r\n
 > X-Cache: Miss from cloudfront\r\n
 > X-Amz-Cf-Id: Wq5WzKia5-NimKbhVoTr0SJ9D7i4RRtgWxqcqPniq-
 GqqNEhOjyyXA==\r\n
 > Via: 1.1 d368aa75357ba38c7d574850f7952d23.cloudfront.net
 (CloudFront)\r\n
 > Transfer-Encoding: chunked\r\n
 > Date: Mon, 04 Aug 2014 07:10:35 GMT\r\n
 > Content-Type: application/octet-stream\r\n
 > Connection: keep-alive\r\n
 > \r\n
 > }}}
 >
 > It doesn't look like there's much in either case that we have control
 over. Both have Content-Type: application/octet-stream, even though the
 server does not set that header explicitly. It's probably being done
 implicitly by [http://golang.org/pkg/net/http/#DetectContentType
 http.DetectContentType].

 It turns out that even if you disable the Content-Type header at meek-
 server (with `w.Header()["Content-Type"] = nil`), Google and Amazon will
 just add it back anyway. And when the response body is empty, they will
 set it to "text/plain; charset=utf-8", which is even longer than
 "application/octet-stream". So in [https://gitweb.torproject.org
 /pluggable-
 transports/meek.git/commitdiff/fa5fbb807a5d81cd234caf402f262d4a5de0533e
 fa5fbb807a5d81cd234caf402f262d4a5de0533e] I just set the Content-Type
 header unconditionally.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12778#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list