WebApp Sec mailing list archives
Re: Reverse Proxy and Link Encoding
From: security lists <lists28 () yahoo com>
Date: Thu, 5 Jun 2003 08:28:41 -0700 (PDT)
I believe both Neoteris and Bluecoat have Reverse Proxy products that do this. There are also various other comercial products that claim to have this functionality. --- Michael Naef <michael.naef () inf ethz ch> wrote:
Hi all I have a follow-up question to Dean's inquiry on reverse proxies... I am looking for a reverse proxy that does not let _any_ client-provided data through. This would be achieved by parsing all web pages in order to identify the hyper links contained. Then, all the hyper links would be replaced by the proxy's address and a suitable encoding. Also, the proxy would maintain a table with all the encodings and the original link. When the client requests such an encoded link, the proxy would do a lookup in the table and retrieve the original link. Example: 1) Proxy retrieves some web page that contains the link http://www.foo.com/ 2) Proxy replaces this link in the web page by something like the following link: http://proxy/77352102 and sends the resulting page to the client. 3) Client hits the link. Proxy analyzes the encoding and does the lookup in the table to find the original link. It retrieves the page, parses the content, replaces links, and sends the result to the client again. (Startup: The proxy would have a well-defined collection of possible links that are already encoded and serve as a starting point.) I am aware that such a proxy is quite prohibitive with regard to browsing the web. However, it can be useful in environments that must prevent potentially hostile traffic (e.g. "hacked" URLs, malformed POST data etc.) to leave to the Internet and still allow basic browsing capabilities. Does anybody know of a proxy that does this (or something similar)? (My research has not been successful so far.) Thanks myke.
__________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com
Current thread:
- Reverse Proxy and Link Encoding Michael Naef (Jun 01)
- RE: Reverse Proxy and Link Encoding Lluis Mora (Jun 03)
- RE: Reverse Proxy and Link Encoding Michael Naef (Jun 05)
- Re: Reverse Proxy and Link Encoding security lists (Jun 05)
- <Possible follow-ups>
- RE: Reverse Proxy and Link Encoding Amit Klein (Jun 05)
- RE: Reverse Proxy and Link Encoding Amit Klein (Jun 09)
- RE: Reverse Proxy and Link Encoding Bill Burge (Jun 09)
- Re: Reverse Proxy and Link Encoding Death Star (Jun 13)
- RE: Reverse Proxy and Link Encoding Lluis Mora (Jun 03)