SSL and HTTP 0.9

Manlio Perillo manlio_perillo at libero.it
Sat Dec 1 13:15:47 MSK 2007

Previous message: [bug] typo in mail/ngx_mail.h
Next message: SSL and HTTP 0.9
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

An user (symlynX) on the nginx IRC channel at Freenode reported that an 
HTTPS server returns unencrypted pages when a plain HTTP 0.9 request is 
received.

He claims that this is a security problem, but I disagree (since when 
ssl_verify_client is enabled, nginx correctly returns an error), however 
I'm just curious to know why nginx behaves in this way.



Thanks  Manlio Perillo

Previous message: [bug] typo in mail/ngx_mail.h
Next message: SSL and HTTP 0.9
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nginx mailing list