[CalendarServer-changes] [11991] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Wed Mar 12 11:18:01 PDT 2014
Revision: 11991
http://trac.calendarserver.org//changeset/11991
Author: wsanchez at apple.com
Date: 2013-11-21 12:08:50 -0800 (Thu, 21 Nov 2013)
Log Message:
-----------
Disable ResponseCompression by default
Modified Paths:
--------------
CalendarServer/trunk/conf/caldavd-test.plist
CalendarServer/trunk/conf/resources/caldavd-resources.plist
CalendarServer/trunk/twistedcaldav/stdconfig.py
Modified: CalendarServer/trunk/conf/caldavd-test.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd-test.plist 2013-11-21 19:15:30 UTC (rev 11990)
+++ CalendarServer/trunk/conf/caldavd-test.plist 2013-11-21 20:08:50 UTC (rev 11991)
@@ -895,9 +895,10 @@
<key>EnableWebAdmin</key>
<true/>
- <!-- Support for Content-Encoding compression options as specified in RFC2616 Section 3.5 -->
+ <!-- Support for Content-Encoding compression -->
<key>ResponseCompression</key>
- <false/>
+ <false/> <!-- Off for testing, as debugging is easier that way. -->
+
<!-- The retry-after value (in seconds) to return with a 503 error. -->
<key>HTTPRetryAfter</key>
Modified: CalendarServer/trunk/conf/resources/caldavd-resources.plist
===================================================================
--- CalendarServer/trunk/conf/resources/caldavd-resources.plist 2013-11-21 19:15:30 UTC (rev 11990)
+++ CalendarServer/trunk/conf/resources/caldavd-resources.plist 2013-11-21 20:08:50 UTC (rev 11991)
@@ -669,7 +669,7 @@
<key>EnableWebAdmin</key>
<true/>
- <!-- Support for Content-Encoding compression options as specified in RFC2616 Section 3.5 -->
+ <!-- Support for Content-Encoding compression -->
<key>ResponseCompression</key>
<false/>
Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py 2013-11-21 19:15:30 UTC (rev 11990)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py 2013-11-21 20:08:50 UTC (rev 11991)
@@ -892,7 +892,8 @@
# Support for Content-Encoding compression options as specified in
# RFC2616 Section 3.5
- "ResponseCompression": True,
+ # Defaults off, because it weakens TLS (CRIME attack).
+ "ResponseCompression": False,
# The retry-after value (in seconds) to return with a 503 error
"HTTPRetryAfter": 180,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20140312/7741abf1/attachment.html>
More information about the calendarserver-changes
mailing list