Changes between Version 1 and Version 2 of doc/OONI/Tests/HeaderFieldManipulation


Ignore:
Timestamp:
Jun 16, 2012, 5:11:39 PM (7 years ago)
Author:
hellais
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • doc/OONI/Tests/HeaderFieldManipulation

    v1 v2  
     1'''What it detects'''
    12
     3   * Detects the presence of a device that manipulated HTTP request headers
    24
    3 == Notes ==
     5'''Inputs'''
    46
    5 crazy way to detect MITM proxies:
     7   * A backend to be used for checking the tampering
     8
     9'''Experiment'''
     10
     11   A set of different requests are sent to the backend. Through a covert channel the client reports to the server the request it made.
     12   These are the requests that are made:
     13   
     14   * For every HTTP request method the CaPitaLization is varied
     15   * The content of the request is compressed using gzip and the gzip encoding header is added (Add more details?)
     16
     17'''Control'''
     18
     19   * The backend checks if the received request matches the one that the client claims to have sent.
     20 
     21'''Output'''
     22
     23   * What kind of requests are being tampered with and the logs of the sent data and received data.
     24
     25'''Notes'''
    626
    727apparently they often remove the 'gzip' encoding by