Nmap Development mailing list archives

Re: [NSE] http-headers.nse and max_content_length


From: David Fifield <david () bamsoftware com>
Date: Mon, 22 Nov 2010 16:53:26 -0800

On Thu, Nov 18, 2010 at 01:36:46PM +0100, A. Ramos wrote:
I think what happens, the servers are streaming radio, HEAD dont work, and
GET does not end. Need "Range" header to fix it.

Good find. Tryingt o download a radio station is going to read forever.
I think this could be solved by adding a "max_content_length" option in
the http library. If a download exceeds that length, it will be
truncated. We had to implement such a thing during the favicon survey
because some servers seemingly never stopped sending data. Unfortunately
that patch doesn't easily work in the current http.lua. It needs some
though as to how truncation will be reported, how this interacts with
the cache, and what to do with a connection where this happens (it has
to be closed, and pipelines will be broken and have to be restarted).

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


Current thread: