Post Reply 
headers tag, api
Jul. 10, 2006, 03:46 PM
Post: #1
headers tag, api
Feature requests:
1. Add http X-header to modified content for identify this modification.
2. Very much it would be desirable to see this project kernel as API library or module of http://sourceforge.net/projects/c-icap project (Internet Content Adaptation Protocol (ICAP) (RFC 3507) )
Add Thank You Quote this message in a reply
Jul. 10, 2006, 05:54 PM
Post: #2
RE: headers tag, api
Why would you want to tag modified content with a header? How are you going to use it?

As for your second suggestion, I am skeptical about it. BFilter was intented as a personal web proxy, while ICAP is a thing best suited for ISPs and corporate environments. An ICAP module based on BFilter would be useless for home users, while it would require quite a bit of work to implement.
Add Thank You Quote this message in a reply
Jul. 11, 2006, 07:18 AM
Post: #3
RE: headers tag, api
I may not scan content with antivirus or other filters for already modified(replaced).

I think this project will be very interesting for corporate enviroment, not for ISP. Removing ad and unwanted content will reduce traffic.
Working with c-icap simple. I can write this module, but need entry points to bfilter library for C:
1.init_service;
2.status request(http_head *request_in_out,http_head *response head,httpbody *);
3.status response(http_head *request_in,http_head *srv_response_in_out,http_body *srv_resp_body_in_out);
(body may be patrial or full)
4.close_service;
Add Thank You Quote this message in a reply
Jul. 11, 2006, 08:23 AM
Post: #4
RE: headers tag, api
Well, I can set a header like this for generated content:
X-BFilter-content: generated
As for modified content, you should not rely on it being virus-free.

As for ICAP, it's not as easy as providing a few entry points.
There are questions like:
Should I still read BFilter's configs?
How do I report errors?
Am I allowed to fetch objects (external scripts) on my own?
Add Thank You Quote this message in a reply
Jul. 11, 2006, 02:20 PM
Post: #5
RE: headers tag, api
Thanks for changes.

1. path to config may by passed to init with file handle for error output
(how about logging to files from current version without gui, how define path to filters catalog ).
Needed params : ad_border,max_script_eval_size,max_script_nest_level and path to filters dir. client_compression always no

2. return errcode and write string error to file
3. fetch is not allowed(as with max_script_fetch_size=0)
Add Thank You Quote this message in a reply
Jul. 11, 2006, 05:28 PM
Post: #6
RE: headers tag, api
Inability to fetch scripts will hurt ad detection accuracy. I've spent some time today browsing with max_script_fetch_size=0, and there is definately a difference. I think I would rather run adblock than BFilter with script fetching disabled.
All in all, I think an ICAP module is not worth putting my time and efforts into it. If you think otherwise, you may try to implement it yourself. I can give you some pointers where to start.

About the "X-BFilter-content: generated" header:
I've just noticed a problem with how you are going to use it. It will basically be a flag saying "I am clean, don't run antivirus on me". Now what will happen if a malicious site sets this header to prevent the files it serves from being scanned?
Add Thank You Quote this message in a reply
Jul. 12, 2006, 12:49 PM
Post: #7
Big Grin RE: headers tag, api
jart Wrote:Inability to fetch scripts will hurt ad detection accuracy. I've spent some time today browsing with max_script_fetch_size=0, and there is definately a difference. I think I would rather run adblock than BFilter with script fetching disabled.
All in all, I think an ICAP module is not worth putting my time and efforts into it. If you think otherwise, you may try to implement it yourself. I can give you some pointers where to start.
prefetch is not allowed with accounting system.
I will be enhance my skill in C++ Smile!
Thanks about start point.

jart Wrote:About the "X-BFilter-content: generated" header:
I've just noticed a problem with how you are going to use it. It will basically be a flag saying "I am clean, don't run antivirus on me". Now what will happen if a malicious site sets this header to prevent the files it serves from being scanned?
I can remove this header on parent proxy.
Add Thank You Quote this message in a reply
Jul. 12, 2006, 01:50 PM
Post: #8
RE: headers tag, api
Quote:I can remove this header on parent proxy.
OK, the changes to set this header are already in svn.
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: