a problem with chunked encoding

Maxim Dounin mdounin at mdounin.ru
Wed Oct 7 15:25:52 UTC 2015


On Wed, Oct 07, 2015 at 08:29:22AM -0400, esxgx wrote:

> Maxim Dounin, 
> Thanks for your prompt reply~ ^ ^
> Actually In my script, the tcp stream is encrypted and disguised as a normal
> chunked downloaded file to pass the firewall, and I need to control every
> chunk(the stream is encrypted in blocks, and a chunk represents a block) so
> that there is no specific protocol identification.
> If the script cannot control the process of chunked encoding, it should have
> some identification so that the firewall can update itself to find out the
> proxy stream.
> There are many web hostings that use nginx + php-fpm, so I wrote the script
> in PHP.
> Does that mean I cannot use nginx as a web server in this way?
> Nginx is an excellent web server with good proformance, I'm not willing to
> give up this server.

You are misusing chunked encoding.  It's not expected to provide 
message boundaries, it only provides a way to know if a response 
body is complete or not.  Additionally, chunked encoding is 
expected to be removed (and re-applied if needed) by any HTTP 
intermediate along the way of the response.  That is, your 
approach isn't going to work in the real world, regardless of 
whether you'll be able to do this with nginx or not.

Maxim Dounin

More information about the nginx mailing list