Post Reply 
Content-Type Issue?
Jun. 25, 2010, 03:28 AM
Post: #46
RE: Content-Type Issue?
(Jun. 24, 2010 07:57 PM)ProxRocks Wrote:  i'm seeing app/json's for the login process for a client's account...
interestingly, i can't seem to "half ssl" that account without a popup certificate warning from my browser...

So maybe there is a https url in the json file?
I wonder what would happen while using Whenever's ProxHTTPSProxy proxy in Half_SSL mode.
Add Thank You Quote this message in a reply
Jun. 25, 2010, 10:28 AM
Post: #47
RE: Content-Type Issue?
(Jun. 25, 2010 03:28 AM)JJoe Wrote:  So maybe there is a https url in the json file?
I wonder what would happen while using Whenever's ProxHTTPSProxy proxy in Half_SSL mode.

looking into both is on my to-do list...

the ProxHTTPSProxy in Half_SSL, i've been wanting to return to the EXE version and see if i can get it to work without having to install OpenSSL... it "might" be as easy as just copying the .dll's over to the EXE's folder, i just haven't been able to get to it yet...


until this thread came along, i've never even "heard of" an app/json, lol...
i was hoping that "faking" my user-agent would 'get around' the app/json's, but that doesn't "seem" to be the case...
Add Thank You Quote this message in a reply
Jun. 25, 2010, 01:45 PM
Post: #48
RE: Content-Type Issue?
(Jun. 25, 2010 03:14 AM)JJoe Wrote:  Next question, for later, is what is in those json files that might be worth the effort to modify.

json is a format mostly used for data interchange. In theory any data can be put into it, including ads and other annoyance, which you may want to modify.
Add Thank You Quote this message in a reply
Jun. 25, 2010, 07:33 PM (This post was last modified: Jun. 25, 2010 08:00 PM by sidki3003.)
Post: #49
RE: Content-Type Issue?
We've done quite some testing back then. Only unexpected issue was content-encoded documents being sent even if there was no outbound accept-encoding header. This happened very rarely, less than 1 per 1000 connects.


(Jun. 25, 2010 01:45 PM)whenever Wrote:  json is a format mostly used for data interchange. In theory any data can be put into it, including ads and other annoyance, which you may want to modify.

Yes, data-sets, transmitted as JS objects in literal syntax ({...}), hence JavaScript Object Notation. The thing is that targeting specific data-set snippets turned out to be pointless in almost all cases, i.e. either block the whole shebang or let it be.

IIRC, the *actual* reason why application/json is protected by recent sidki-configs is that the json content-type was "correctly corrected" to JS, via a content-sniffing webfilter, and those huge objects caused the JS filters to use up a significant amount of CPU cycles...
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: