; http-req.tab ; ; This table lists the known request header fields. Here are some ; comments: ; ; Accept-Encoding: ; ; We drop this as we don't want to deal with compressed bodies. ; ; Cookie: ; ; Either drop it or pass it, according to the configuration. ; ; Connection: ; Keep-Alive: ; Proxy-Connection: ; ; For now, we support only one request per connection. ; ; From: ; ; We don't want to reveal our e-mail address to spammers, do we? ; ; If-Modified-Since: ; ; Some browsers include "; length=", which we drop ; unconditionally. Note that "; length=" could be split into ; two requests which could be separated by weeks. ; ; Referer: ; ; We don't want to let them know where we come from, do we? ; ; User-Agent: ; ; If we want to base our filtering criterions on the user agent, ; we have to parse this field. Anyway, some people don't want ; to reveal their user agent. ; ; Via: ; ; We don't want to reveal our internal proxies. ; ; Content-Location: ; Content-Version: ; Derived-From: ; Link: ; ; Just be consistent with response headers. ; accept hh_keep H_MERGE ; HTTP/1.0 request-header accept-charset hh_keep H_MERGE ; HTTP/1.0 request-header accept-encoding hh_drop_silent H_MERGE ; HTTP/1.0 request-header accept-language hh_keep H_MERGE ; HTTP/1.0 request-header authorization hh_keep 0 ; HTTP/1.0 request-header ; Note that RFC 2109 does not allow multiple Cookie header fields; ; however allowing them cannot hurt and makes testing simpler cookie hh_cookie H_MULTI ; RFC 2109 request-header downgrade-1.0 hh_keep 0 ; Apache force-response-1.0 hh_keep 0 ; Apache forward hh_drop_silent 0 ; WebEx? from hh_privacy 0 ; HTTP/1.0 request-header host hh_keep 0 ; HTTP/1.1 request-header if-match hh_keep 0 ; HTTP/1.1 request-header if-modified-since hh_if_modified H_MULTI ; HTTP/1.0 request-header if-none-match hh_keep 0 ; HTTP/1.1 request-header if-range hh_drop_silent 0 ; HTTP/1.1 request-header if-unmodified-since hh_keep 0 ; HTTP/1.1 request-header max-forwards hh_keep 0 ; HTTP/1.1 request-header negotiate hh_keep 0 ; Sent by Lynx 2.7 proxy-authorization hh_proxyauth 0 ; HTTP/1.1 request-header range hh_drop_silent 0 ; HTTP/1.1 request-header referer hh_referer H_MUTST ; HTTP/1.0 request-header referrer hh_referer H_MUTST ; Typo (WebEx v.20) request-range hh_drop_silent 0 ; non-std ua-color hh_privacy 0 ; Netscape? ua-cpu hh_privacy 0 ; Netscape? ua-os hh_privacy 0 ; Netscape? ua-pixels hh_privacy 0 ; Netscape? user-agent hh_user_agent 0 ; HTTP/1.0 request-header cache-control hh_keep H_MERGE ; HTTP/1.1 general-header connection hh_drop_silent H_MERGE ; HTTP/1.1 general-header date hh_keep 0 ; HTTP/1.0 general-header keep-alive hh_drop_silent H_MERGE ; HTTP/1.1 mime-version hh_keep 0 ; HTTP/1.1 general-header pragma hh_pragma H_MERGE ; HTTP/1.0 general-header proxy-connection hh_drop_silent 0 ; HTTP/1.1 general-header transfer-encoding hh_keep H_MERGE ; HTTP/1.1 general-header upgrade hh_keep H_MERGE ; HTTP/1.1 general-header via hh_drop_silent H_MERGE ; HTTP/1.1 general-header allow hh_keep H_MERGE ; HTTP/1.0 entity-header content-base hh_keep 0 ; HTTP/1.1 entity-header content-encoding hh_keep H_MERGE ; HTTP/1.0 entity-header content-language hh_keep H_MERGE ; HTTP/1.0 entity-header content-length hh_req_ct_len 0 ; HTTP/1.0 entity-header content-location hh_dangerous 0 ; HTTP/1.1 entity-header content-md5 hh_keep 0 ; HTTP/1.1 entity-header content-range hh_ct_range 0 ; HTTP/1.1 entity-header content-type hh_keep 0 ; HTTP/1.0 entity-header content-version hh_drop_silent 0 ; non-std entity-header derived-from hh_drop_silent 0 ; non-std entity-header etag hh_keep 0 ; HTTP/1.1 entity-header expires hh_keep 0 ; HTTP/1.0 entity-header last-modified hh_keep 0 ; HTTP/1.0 entity-header link hh_drop_silent H_MERGE ; non-std entity-header depth hh_keep H_MERGE ; Subversion destination hh_keep H_MERGE ; Subversion if hh_keep H_MERGE ; Subversion lock-token hh_keep H_MERGE ; Subversion overwrite hh_keep H_MERGE ; Subversion timeout hh_keep H_MERGE ; Subversion dav hh_keep H_MERGE ; Subversion