Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Fri Oct 18, 2019 8:09 pm


Username:
Subject:
Message body:
Enter your message here, it may contain no more than 60000 characters. 

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
Font size:
 
Font colour
Options:
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Disable BBCode
Disable smilies
Do not automatically parse URLs
Confirmation code
Confirmation code:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.
     

Topic review - How to test deflate/gzip compression on a HTTPS (HTTP over SSL) Apache server
Author Message
Post subject: How to test deflate/gzip compression on a HTTPS (HTTP over SSL) Apache server  |  Post Posted: Tue Aug 03, 2010 3:30 am
To test a server for deflate/gzip compression, it needs to be notified that you, as a client (browser) accept compressed encoding.

This is done, by adding an "Accept-Encoding: compress, gzip" in the header of the request.

Testing an https Apache server for deflate/gzip compression, initiating a connection using openssl client
Code:
$ openssl s_client -connect  192.168.1.1:443
...Some output about ssl certificate and ssl protocol and cipher used....
GET / HTTP/1.1
Host: test.server.ro
Accept-Encoding: compress, gzip -->press RETURN
-->press RETURN again


HTTP/1.1 200 OK
Date: Tue, 03 Aug 2010 07:17:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: SQMSESSID=8e7a8619ba2821ea61c4f24f7dbc2467; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: SQMSESSID=8e7a8619ba2821ea61c4f24f7dbc2467; path=/; secure; HttpOnly

Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1022
Content-Type: text/html; charset=iso-8859-1
?Vmo?6??_q?04if?Z?v?%h?a?.X=C?DIL(R%)'????#?7%???d?w??=|???ٟ??.?????\??????0
                                                                            ??????;8   F?4??[?$a8?H&?A\?Z?7??d??R??f   ?*U?Ȕ?LڄH?e????PB?;?????H?????1K?>4??{CT?      ??V?f?m?
Th,??7????@A?ac<-Z?9^?|i??rj??\8???J            ?s*?0?cYn??/??Y?!\???8?b?i?XT?--?????f??;[??p8XP
E?C??r?P#%???J?????֪?Y?ٹf??
                          *Z?H/??c??
                                    8??q???V????銘



The line that shows us that the HTTPS Apache server is sending compressed information (besides the output obviously) is:
Code:
Content-Encoding: gzip


As I stated, it is very important to inform the server that you accept compressed content, otherwise the server will send plain text. To advertise this, just add Accept-Encoding: compress, gzip in the request's header.

To test without advertising that compressed content is accepted, the https server will just send the same page in plain text:
Code:
$ openssl s_client -connect  192.168.1.1:443
...Some output about ssl certificate and ssl protocol and cipher used....
GET / HTTP/1.1
Host: test.server.ro -->press RETURN
-->press RETURN again

HTTP/1.1 200 OK
Date: Tue, 03 Aug 2010 07:24:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.9
Set-Cookie: SQMSESSID=5a31331a117256cbbfd26e4180287ccc; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: SQMSESSID=5a31331a117256cbbfd26e4180287ccc; path=/; secure; HttpOnly
Vary: Accept-Encoding
Content-Length: 2369
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

<head>
<meta name="robots" content="noindex,nofollow">
<link rel="stylesheet" type="text/css" href="../themes/css/verdana-10.css">


Now, the Content-Encoding: gzip attribute in the server response's header is missing and the output is plaintext.
Jump to:  
cronNews News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO