SubResource Integrity (SRI)

Posted on 2015-10-07T23:37:49+00:00 by wbaker

Subresource Integrity; Working Draft; W3C; 2015-09-16.
- Subresource Integrity, specification, working documents

Implementation

Blink/Chromium → 355467 – Subresource Integrity; In Google Chromium Bugzilla; 2014-03-24.
Gecko → 992096 – Implement Subresource Integrity; In Mozilla Bugzilla; 2014-09-03.
Subresource Integrity (SRI) Manager, a WordPress Plugin; WordPress.org; 2015-06-15.
requires WordPress v4.1 to WordPress 4.2.5.

Tutorial

Subresource Integrity; In Mozilla Developer Resources; 2015.

Referenced

Nick Sullivan (Cloudflare) An Introduction to JavaScript-Based DDoS; In Their Blog; 2015-04-30.

Promotion

Subresource Integrity; mastahyeti (GitHub); In Their Blog; 2015-09-19.

Usage

SRI Hash Generator

cat FILENAME.js |
openssl dgst -sha384 -binary |
openssl enc -base64 -A

<script src="https://example.com/FILENAME.js"
        integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC"
        crossorigin="anonymous"></script>

HTTP and UDP

Posted on 2014-12-26T07:25:16+00:00 by wbaker

httpp and httpps

InstantWebP2P
- a Node.JS service
An introduction to node httpp; 2013-03-03.
Forum, moribund; last query 2014-11-25; ~2 convo/month
on github
- firefox-httpp
  - C++
  - LICENSE
- node-httpp
  - is nodejs with httpp, forked from joyent/node
  - LICENSE
- iwebpp.io
- iwebpp.io-stun-proxy
- node-httpp-proxy
httpp – Run http over udp with node.js; listed at npmjs.com
MIT License
Build Steps
npm install httpp cd node-httpp; ./configure && make install

Who

Tom Zhou, Tom Zhou (Shanghai)

When

2010-Current.
2012-10-28, announced to the ietf-http-wg@we.org

httpu and httpmu

draft-goland-http-udp-01 – Multicast and Unicast UDP HTTP Messages; Yaron Y. Goland (Microsoft); 1999-11-09 (expired: 2000-04).

New protocol names: httpu and httpmu
For httpmu the lack of a URI (a path) means *by some rationale (Section 5.3).
- httpu://example.com and httpu://example.com/ are the same and have an implied path of / (slash)
- httpmu://example.com and httpmu://example.com/ are different wherein the former has a path of * (star) and the latter has a path of / (slash), as per usual.
New headers (Section 11)
- AL is like Location, but allows for multiple redirect locations
- mx is a response-delay advisory, in integral seconds (not fractional seconds).
- S is a unique client identifier, unique across all time; requests without an S don’t require a response.
Cookies are not implementable in Somethings(S, Serial Sequence, Something; that globally unique Request Identifier)
- Cookies are:
  - sent out by servers
  - returned by clients
- Somethingsare:
  - sent out by clients
  - returned by servers
SSDP Mailing List (circa 1999)

Protocols

TURN
STUN
STUNT

WebSockets
Secure WebSocket: Specification, InstantWebP2P/nacl-cert
UDT (library), Sector (program); separately filled.

Irrelevant

HTTPP (HTTP Proxy) Reference, Visual Studio 2009

General UDP

at Jimi Wales’ Wiki

Specific

Bryan Ford, Pyda Srisuresh, Dan Kegel; Peer-to-Peer Communication Across Network Address Translators; In Some Venue; WHEN?; 14 pages; landing,
draft-ford-natp2p-00 – Network Address Translation and Peer-to-Peer Applications (NATP2P); IETF Draft; Bryan Ford (MIT); 2003-04 (expired: 2003-10); also there & there.
STUNT
linide – Use of UDP to traverse NAT gateways.

Proxygen by Facebook, a C++ HTTP Framework

Posted on 2014-11-17T10:01:21+00:00 by wbaker

Daniel Sommermann, Alan Frindell (Facebook); Introducing Proxygen, Facebook’s C++ HTTP Framework; In Their Blog; 2014-11-09.

Mentions

Facebook Projects (their surface on top of github)
- Proxygen
- Thrift
Intellectual Property (BSD-like, poison pill on adverse action)
- LICENSE
- PATENTS
facebook/proxygen on github
facebook-proxygen on Google Groups
SPDY Protocol, Draft 3; at The Chromium Projects.
SPDY Protocol, Draft 3.1; at The Chromium Projects.
HPACK – Header Compression for HTTP/2; Peon (Google), H. Ruellan (Canon); 2014-11-14.
Capabilities
- SPDY 3
- SPDY 3.1
- HTTP 2 (almost)
Contains
- Server Code
- Client Code
Abstraction
- session
- codec
- transaction
- handler
Siblings
- Haystack
- Hip Hop Virtual Machine

Assessment

Summary
Language	LOC	App LOC	Test LOC
am	695	572	123
c++	47,712	35,075	12,637
py	163	163	0
sh	84	84	0
total	48,654	35,894	12,760

Language (C++)

C++11
In-class initializers
Uniform Initialization
- brace-enclosed initializers
- in-class initializers
move semantics
namespaces
const
return value optimization (functions returning containers)
seems formatted for 80 character teletype screens.
std::unique_ptr
bool as single bitfield
range for loop
auto
std::string in lieu of char * (sometimes)
std::vector in lieu of arrays (sometimes)
attributes
- final
- ifunc (indirect function, per ELF)
- noexcept
- override
- __attribute__((constructor))
static_assert
std::function
std::thread
std::chrono (seconds, milliseconds)

Dependencies

Runtime

google-glog
google-gflags
boost >= 1.51
event
cap
crypto
ssl
z
iberty (-liberty)
folly of facebook/folly
thrift, thriftcpp2 of facebook/fbthrift
double-conversion (waitman/libdouble-conversion)

Buildtime

Python
Ruby
gperf

Physical Design

(outline) function definitions separated from the function declaration (mostly)
roughly one class per file
Suffixes
- *.hpp
- *.cpp

Build System

autotools (automake, autoconf)
doxygen

Portability

Ubuntu

Promotion

Procygen: Facebook’s C++ HTTP Framework; Rob Marvin; In Software Development Times (SD Times); 2014-11-06.

Via: backfill

Actualities

Inventory

LOC	File
264	./proxygen/proxygen/configure.ac
27	./proxygen/proxygen/httpserver/Makefile.am
10	./proxygen/proxygen/httpserver/samples/echo/Makefile.am
1	./proxygen/proxygen/httpserver/samples/Makefile.am
1	./proxygen/proxygen/lib/http/codec/Makefile.am
135	./proxygen/proxygen/lib/http/Makefile.am
1	./proxygen/proxygen/lib/http/session/Makefile.am
13	./proxygen/proxygen/lib/Makefile.am
29	./proxygen/proxygen/lib/services/Makefile.am
28	./proxygen/proxygen/lib/ssl/Makefile.am
62	./proxygen/proxygen/lib/utils/Makefile.am
1	./proxygen/proxygen/Makefile.am
2381	./proxygen/proxygen/external/http_parser/http_parser_cpp.cpp
319	./proxygen/proxygen/external/http_parser/http_parser.h
3142	./proxygen/proxygen/external/http_parser/test.c
59	./proxygen/proxygen/httpserver/filters/DirectResponseHandler.h
125	./proxygen/proxygen/httpserver/Filters.h
106	./proxygen/proxygen/httpserver/filters/RejectConnectFilter.h
92	./proxygen/proxygen/httpserver/HTTPServerAcceptor.cpp
48	./proxygen/proxygen/httpserver/HTTPServerAcceptor.h
205	./proxygen/proxygen/httpserver/HTTPServer.cpp
142	./proxygen/proxygen/httpserver/HTTPServer.h
86	./proxygen/proxygen/httpserver/HTTPServerOptions.h
78	./proxygen/proxygen/httpserver/Mocks.h
186	./proxygen/proxygen/httpserver/RequestHandlerAdaptor.cpp
74	./proxygen/proxygen/httpserver/RequestHandlerAdaptor.h
76	./proxygen/proxygen/httpserver/RequestHandlerFactory.h
99	./proxygen/proxygen/httpserver/RequestHandler.h
198	./proxygen/proxygen/httpserver/ResponseBuilder.h
84	./proxygen/proxygen/httpserver/ResponseHandler.h
56	./proxygen/proxygen/httpserver/samples/echo/EchoHandler.cpp
47	./proxygen/proxygen/httpserver/samples/echo/EchoHandler.h
87	./proxygen/proxygen/httpserver/samples/echo/EchoServer.cpp
41	./proxygen/proxygen/httpserver/samples/echo/EchoStats.h
192	./proxygen/proxygen/httpserver/ScopedHTTPServer.h
36	./proxygen/proxygen/httpserver/SignalHandler.cpp
37	./proxygen/proxygen/httpserver/SignalHandler.h
218	./proxygen/proxygen/lib/http/codec/CodecDictionaries.h
92	./proxygen/proxygen/lib/http/codec/CodecProtocol.cpp
51	./proxygen/proxygen/lib/http/codec/CodecProtocol.h
409	./proxygen/proxygen/lib/http/codec/compress/GzipHeaderCodec.cpp
96	./proxygen/proxygen/lib/http/codec/compress/GzipHeaderCodec.h
128	./proxygen/proxygen/lib/http/codec/compress/HeaderCodec.h
46	./proxygen/proxygen/lib/http/codec/compress/Header.h
61	./proxygen/proxygen/lib/http/codec/compress/HeaderPiece.h
210	./proxygen/proxygen/lib/http/codec/compress/HeaderTable.cpp
221	./proxygen/proxygen/lib/http/codec/compress/HeaderTable.h
105	./proxygen/proxygen/lib/http/codec/compress/HPACKCodec.cpp
56	./proxygen/proxygen/lib/http/codec/compress/HPACKCodec.h
50	./proxygen/proxygen/lib/http/codec/compress/HPACKConstants.h
59	./proxygen/proxygen/lib/http/codec/compress/HPACKContext.cpp
58	./proxygen/proxygen/lib/http/codec/compress/HPACKContext.h
105	./proxygen/proxygen/lib/http/codec/compress/HPACKDecodeBuffer.cpp
84	./proxygen/proxygen/lib/http/codec/compress/HPACKDecodeBuffer.h
167	./proxygen/proxygen/lib/http/codec/compress/HPACKDecoder.cpp
78	./proxygen/proxygen/lib/http/codec/compress/HPACKDecoder.h
112	./proxygen/proxygen/lib/http/codec/compress/HPACKEncodeBuffer.cpp
94	./proxygen/proxygen/lib/http/codec/compress/HPACKEncodeBuffer.h
155	./proxygen/proxygen/lib/http/codec/compress/HPACKEncoder.cpp
75	./proxygen/proxygen/lib/http/codec/compress/HPACKEncoder.h
36	./proxygen/proxygen/lib/http/codec/compress/HPACKHeader.cpp
81	./proxygen/proxygen/lib/http/codec/compress/HPACKHeader.h
345	./proxygen/proxygen/lib/http/codec/compress/Huffman.cpp
138	./proxygen/proxygen/lib/http/codec/compress/Huffman.h
158	./proxygen/proxygen/lib/http/codec/compress/Logging.cpp
39	./proxygen/proxygen/lib/http/codec/compress/Logging.h
111	./proxygen/proxygen/lib/http/codec/compress/StaticHeaderTable.cpp
24	./proxygen/proxygen/lib/http/codec/compress/StaticHeaderTable.h
39	./proxygen/proxygen/lib/http/codec/ErrorCode.cpp
52	./proxygen/proxygen/lib/http/codec/ErrorCode.h
124	./proxygen/proxygen/lib/http/codec/FlowControlFilter.cpp
97	./proxygen/proxygen/lib/http/codec/FlowControlFilter.h
1071	./proxygen/proxygen/lib/http/codec/HTTP1xCodec.cpp
196	./proxygen/proxygen/lib/http/codec/HTTP1xCodec.h
49	./proxygen/proxygen/lib/http/codec/HTTPChecks.cpp
38	./proxygen/proxygen/lib/http/codec/HTTPChecks.h
263	./proxygen/proxygen/lib/http/codec/HTTPCodecFilter.cpp
175	./proxygen/proxygen/lib/http/codec/HTTPCodecFilter.h
468	./proxygen/proxygen/lib/http/codec/HTTPCodec.h
74	./proxygen/proxygen/lib/http/codec/HTTPSettings.cpp
71	./proxygen/proxygen/lib/http/codec/HTTPSettings.h
16	./proxygen/proxygen/lib/http/codec/SettingsId.cpp
44	./proxygen/proxygen/lib/http/codec/SettingsId.h
1584	./proxygen/proxygen/lib/http/codec/SPDYCodec.cpp
378	./proxygen/proxygen/lib/http/codec/SPDYCodec.h
163	./proxygen/proxygen/lib/http/codec/SPDYConstants.cpp
130	./proxygen/proxygen/lib/http/codec/SPDYConstants.h
81	./proxygen/proxygen/lib/http/codec/SPDYUtil.cpp
144	./proxygen/proxygen/lib/http/codec/SPDYUtil.h
16	./proxygen/proxygen/lib/http/codec/SPDYVersion.h
47	./proxygen/proxygen/lib/http/codec/SPDYVersionSettings.h
33	./proxygen/proxygen/lib/http/codec/TransportDirection.cpp
28	./proxygen/proxygen/lib/http/codec/TransportDirection.h
61	./proxygen/proxygen/lib/http/HTTPCommonHeaders.template.h
167	./proxygen/proxygen/lib/http/HTTPConnector.cpp
152	./proxygen/proxygen/lib/http/HTTPConnector.h
32	./proxygen/proxygen/lib/http/HTTPConstants.cpp
67	./proxygen/proxygen/lib/http/HTTPConstants.h
31	./proxygen/proxygen/lib/http/HTTPException.cpp
169	./proxygen/proxygen/lib/http/HTTPException.h
308	./proxygen/proxygen/lib/http/HTTPHeaders.cpp
423	./proxygen/proxygen/lib/http/HTTPHeaders.h
34	./proxygen/proxygen/lib/http/HTTPHeaderSize.h
831	./proxygen/proxygen/lib/http/HTTPMessage.cpp
98	./proxygen/proxygen/lib/http/HTTPMessageFilters.h
724	./proxygen/proxygen/lib/http/HTTPMessage.h
45	./proxygen/proxygen/lib/http/HTTPMethod.cpp
59	./proxygen/proxygen/lib/http/HTTPMethod.h
34	./proxygen/proxygen/lib/http/ProxygenErrorEnum.cpp
73	./proxygen/proxygen/lib/http/ProxygenErrorEnum.h
81	./proxygen/proxygen/lib/http/RFC2616.cpp
73	./proxygen/proxygen/lib/http/RFC2616.h
23	./proxygen/proxygen/lib/http/session/AckLatencyEvent.h
33	./proxygen/proxygen/lib/http/session/ByteEvents.cpp
105	./proxygen/proxygen/lib/http/session/ByteEvents.h
171	./proxygen/proxygen/lib/http/session/ByteEventTracker.cpp
85	./proxygen/proxygen/lib/http/session/ByteEventTracker.h
67	./proxygen/proxygen/lib/http/session/CodecErrorResponseHandler.cpp
42	./proxygen/proxygen/lib/http/session/CodecErrorResponseHandler.h
122	./proxygen/proxygen/lib/http/session/HTTPDirectResponseHandler.cpp
52	./proxygen/proxygen/lib/http/session/HTTPDirectResponseHandler.h
89	./proxygen/proxygen/lib/http/session/HTTPDownstreamSession.cpp
73	./proxygen/proxygen/lib/http/session/HTTPDownstreamSession.h
34	./proxygen/proxygen/lib/http/session/HTTPErrorPage.cpp
70	./proxygen/proxygen/lib/http/session/HTTPErrorPage.h
47	./proxygen/proxygen/lib/http/session/HTTPEvent.cpp
126	./proxygen/proxygen/lib/http/session/HTTPEvent.h
102	./proxygen/proxygen/lib/http/session/HTTPSessionAcceptor.cpp
141	./proxygen/proxygen/lib/http/session/HTTPSessionAcceptor.h
71	./proxygen/proxygen/lib/http/session/HTTPSessionController.h
2002	./proxygen/proxygen/lib/http/session/HTTPSession.cpp
832	./proxygen/proxygen/lib/http/session/HTTPSession.h
25	./proxygen/proxygen/lib/http/session/HTTPSessionStats.h
933	./proxygen/proxygen/lib/http/session/HTTPTransaction.cpp
118	./proxygen/proxygen/lib/http/session/HTTPTransactionEgressSM.cpp
71	./proxygen/proxygen/lib/http/session/HTTPTransactionEgressSM.h
1155	./proxygen/proxygen/lib/http/session/HTTPTransaction.h
134	./proxygen/proxygen/lib/http/session/HTTPTransactionIngressSM.cpp
73	./proxygen/proxygen/lib/http/session/HTTPTransactionIngressSM.h
116	./proxygen/proxygen/lib/http/session/HTTPUpstreamSession.cpp
95	./proxygen/proxygen/lib/http/session/HTTPUpstreamSession.h
66	./proxygen/proxygen/lib/http/session/SimpleController.cpp
66	./proxygen/proxygen/lib/http/session/SimpleController.h
162	./proxygen/proxygen/lib/http/session/TransportFilter.cpp
124	./proxygen/proxygen/lib/http/session/TransportFilter.h
27	./proxygen/proxygen/lib/http/session/TTLBAStats.h
96	./proxygen/proxygen/lib/http/Window.cpp
84	./proxygen/proxygen/lib/http/Window.h
59	./proxygen/proxygen/lib/services/AcceptorConfiguration.h
444	./proxygen/proxygen/lib/services/Acceptor.cpp
342	./proxygen/proxygen/lib/services/Acceptor.h
56	./proxygen/proxygen/lib/services/ConnectionCounter.h
54	./proxygen/proxygen/lib/services/HTTPAcceptor.h
45	./proxygen/proxygen/lib/services/LoadShedConfiguration.cpp
109	./proxygen/proxygen/lib/services/LoadShedConfiguration.h
60	./proxygen/proxygen/lib/services/NetworkAddress.h
40	./proxygen/proxygen/lib/services/RequestWorker.cpp
89	./proxygen/proxygen/lib/services/RequestWorker.h
126	./proxygen/proxygen/lib/services/ServerSocketConfig.h
58	./proxygen/proxygen/lib/services/ServiceConfiguration.h
33	./proxygen/proxygen/lib/services/Service.cpp
137	./proxygen/proxygen/lib/services/Service.h
102	./proxygen/proxygen/lib/services/ServiceWorker.h
66	./proxygen/proxygen/lib/services/TransportInfo.cpp
279	./proxygen/proxygen/lib/services/TransportInfo.h
160	./proxygen/proxygen/lib/services/WorkerThread.cpp
129	./proxygen/proxygen/lib/services/WorkerThread.h
24	./proxygen/proxygen/lib/ssl/ClientHelloExtStats.h
53	./proxygen/proxygen/lib/ssl/DHParam.h
31	./proxygen/proxygen/lib/ssl/PasswordInFile.cpp
38	./proxygen/proxygen/lib/ssl/PasswordInFile.h
23	./proxygen/proxygen/lib/ssl/SSLCacheOptions.h
69	./proxygen/proxygen/lib/ssl/SSLCacheProvider.h
95	./proxygen/proxygen/lib/ssl/SSLContextConfig.h
654	./proxygen/proxygen/lib/ssl/SSLContextManager.cpp
186	./proxygen/proxygen/lib/ssl/SSLContextManager.h
354	./proxygen/proxygen/lib/ssl/SSLSessionCacheManager.cpp
293	./proxygen/proxygen/lib/ssl/SSLSessionCacheManager.h
42	./proxygen/proxygen/lib/ssl/SSLStats.h
76	./proxygen/proxygen/lib/ssl/SSLUtil.cpp
102	./proxygen/proxygen/lib/ssl/SSLUtil.h
308	./proxygen/proxygen/lib/ssl/TLSTicketKeyManager.cpp
198	./proxygen/proxygen/lib/ssl/TLSTicketKeyManager.h
20	./proxygen/proxygen/lib/ssl/TLSTicketKeySeeds.h
60	./proxygen/proxygen/lib/utils/CobHelper.h
76	./proxygen/proxygen/lib/utils/CryptUtil.cpp
22	./proxygen/proxygen/lib/utils/CryptUtil.h
84	./proxygen/proxygen/lib/utils/DestructorCheck.h
71	./proxygen/proxygen/lib/utils/DomainNameMisc.h
34	./proxygen/proxygen/lib/utils/Exception.cpp
46	./proxygen/proxygen/lib/utils/Exception.h
358	./proxygen/proxygen/lib/utils/FilterChain.h
43	./proxygen/proxygen/lib/utils/HTTPTime.cpp
20	./proxygen/proxygen/lib/utils/HTTPTime.h
16	./proxygen/proxygen/lib/utils/NullTraceEventObserver.cpp
23	./proxygen/proxygen/lib/utils/NullTraceEventObserver.h
159	./proxygen/proxygen/lib/utils/ParseURL.cpp
112	./proxygen/proxygen/lib/utils/ParseURL.h
242	./proxygen/proxygen/lib/utils/Result.h
38	./proxygen/proxygen/lib/utils/SocketOptions.cpp
24	./proxygen/proxygen/lib/utils/SocketOptions.h
46	./proxygen/proxygen/lib/utils/StateMachine.h
37	./proxygen/proxygen/lib/utils/TestUtils.h
128	./proxygen/proxygen/lib/utils/Time.h
32	./proxygen/proxygen/lib/utils/TraceEventContext.h
130	./proxygen/proxygen/lib/utils/TraceEvent.cpp
139	./proxygen/proxygen/lib/utils/TraceEvent.h
24	./proxygen/proxygen/lib/utils/TraceEventObserver.h
24	./proxygen/proxygen/lib/utils/UtilInl.h
163	./proxygen/proxygen/lib/utils/gen_trace_event_constants.py
54	./proxygen/proxygen/deps.sh
30	./proxygen/proxygen/reinstall.sh
11	./proxygen/proxygen/httpserver/tests/Makefile.am
21	./proxygen/proxygen/lib/http/codec/test/Makefile.am
21	./proxygen/proxygen/lib/http/session/test/Makefile.am
14	./proxygen/proxygen/lib/http/test/Makefile.am
16	./proxygen/proxygen/lib/ssl/test/Makefile.am
27	./proxygen/proxygen/lib/test/Makefile.am
13	./proxygen/proxygen/lib/utils/test/Makefile.am
97	./proxygen/proxygen/httpserver/samples/echo/test/EchoHandlerTest.cpp
154	./proxygen/proxygen/httpserver/tests/HTTPServerTest.cpp
35	./proxygen/proxygen/lib/http/codec/compress/test/HeaderPieceTests.cpp
134	./proxygen/proxygen/lib/http/codec/compress/test/HeaderTableTests.cpp
345	./proxygen/proxygen/lib/http/codec/compress/test/HPACKBufferTests.cpp
283	./proxygen/proxygen/lib/http/codec/compress/test/HPACKCodecTests.cpp
202	./proxygen/proxygen/lib/http/codec/compress/test/HPACKContextTests.cpp
65	./proxygen/proxygen/lib/http/codec/compress/test/HPACKHeaderTests.cpp
96	./proxygen/proxygen/lib/http/codec/compress/test/HTTPArchive.cpp
37	./proxygen/proxygen/lib/http/codec/compress/test/HTTPArchive.h
312	./proxygen/proxygen/lib/http/codec/compress/test/HuffmanTests.cpp
146	./proxygen/proxygen/lib/http/codec/compress/test/LoggingTests.cpp
212	./proxygen/proxygen/lib/http/codec/compress/test/RFCExamplesTests.cpp
61	./proxygen/proxygen/lib/http/codec/compress/test/TestUtil.cpp
28	./proxygen/proxygen/lib/http/codec/compress/test/TestUtil.h
222	./proxygen/proxygen/lib/http/codec/test/FilterTests.cpp
130	./proxygen/proxygen/lib/http/codec/test/HTTP1xCodecTest.cpp
130	./proxygen/proxygen/lib/http/codec/test/MockHTTPCodec.h
1228	./proxygen/proxygen/lib/http/codec/test/SPDYCodecTest.cpp
207	./proxygen/proxygen/lib/http/codec/test/TestUtils.cpp
237	./proxygen/proxygen/lib/http/codec/test/TestUtils.h
226	./proxygen/proxygen/lib/http/session/test/DownstreamTransactionTest.cpp
1367	./proxygen/proxygen/lib/http/session/test/HTTPDownstreamSessionTest.cpp
154	./proxygen/proxygen/lib/http/session/test/HTTPSessionAcceptorTest.cpp
226	./proxygen/proxygen/lib/http/session/test/HTTPSessionMocks.h
71	./proxygen/proxygen/lib/http/session/test/HTTPSessionTest.h
153	./proxygen/proxygen/lib/http/session/test/HTTPTransactionMocks.h
169	./proxygen/proxygen/lib/http/session/test/HTTPTransactionSMTest.cpp
1411	./proxygen/proxygen/lib/http/session/test/HTTPUpstreamSessionTest.cpp
1368	./proxygen/proxygen/lib/http/session/test/MockCodecDownstreamTest.cpp
41	./proxygen/proxygen/lib/http/session/test/TestUtils.cpp
34	./proxygen/proxygen/lib/http/session/test/TestUtils.h
463	./proxygen/proxygen/lib/http/test/HTTPMessageTest.cpp
49	./proxygen/proxygen/lib/http/test/MockHTTPMessageFilter.h
128	./proxygen/proxygen/lib/http/test/RFC2616Test.cpp
124	./proxygen/proxygen/lib/http/test/WindowTest.cpp
83	./proxygen/proxygen/lib/services/test/AcceptorTest.cpp
278	./proxygen/proxygen/lib/ssl/test/SSLCacheTest.cpp
88	./proxygen/proxygen/lib/ssl/test/SSLContextManagerTest.cpp
635	./proxygen/proxygen/lib/test/TestAsyncTransport.cpp
158	./proxygen/proxygen/lib/test/TestAsyncTransport.h
23	./proxygen/proxygen/lib/test/TestMain.cpp
49	./proxygen/proxygen/lib/utils/test/CryptUtilTest.cpp
538	./proxygen/proxygen/lib/utils/test/GenericFilterTest.cpp
54	./proxygen/proxygen/lib/utils/test/HTTPTimeTest.cpp
42	./proxygen/proxygen/lib/utils/test/MockTime.h
137	./proxygen/proxygen/lib/utils/test/ParseURLTest.cpp
73	./proxygen/proxygen/lib/utils/test/ResultBenchmark.cpp
112	./proxygen/proxygen/lib/utils/test/ResultTest.cpp
22	./proxygen/proxygen/lib/utils/test/UtilTest.cpp

HTTP/2 all the things! | Ilya Grigorik (Google)

Posted on 2014-11-15T08:15:30+00:00 by wbaker

Ilya Grigorik (Google); HTTP/2 all the things!; At VENUE; WHEN? (2014-10?); 47 slides <- bit.ly/1rOWzXj
Teaser: challenges, opportunities, and the exciting world ahead of us…

Mentions

Ilya Grigorik; High Performance Browser Networking; O’Reilly Media; 2013-09-30; 408 pages; promotion.; eBook; $0, Amazon (kindle: $23, paper: $37+SHT)
Calculate Medians for the HTTP Archive; Ilya Grigorik; 2013-06-27 -> 2013-09-02.
Scope
- HTTP 2.0
- XHR
- Server-Sent Events (SSE)
- WebSocket
- WebRTC
Main Thread Attribution for Top Million Sites; on blink-dev; 2013-07 -> 2013-08.
- Working Documents
  - Loading measurement: alexa top 25,000 android; pmeenan@, tonyg@ (Google);a document; 2013-08-15; 14 pages.
  - Loading measurement: alexa top 25,000 windows GPU; pmeenan@, tonyg@; a document; 2013-08-15; 14 pages.
  - Loading measurement: alexa top million windows VM; pmeenan@, tonyg@; a document; 2013-08-15; 13 pages.
  - Loading measurement: alexa top million netsim; rmistry@, tonyg@ (Google); a document; 2013-07-22; 9 pages.
  - Loading measurement: alexa top 1000; rmistry@, tonyg@ (Google); a document; 2013-07-17; 7 pages.
  - Loading measurement: alexa top million; rmistry@, tonyg@ (Google); a document; 2013-07-17; 50 pages
    tl;dr => it’s a listing of 100 slowest sites; this would have been better in a spreadsheet.
- Mentioned
  - Web Page Replay, at Google Code
  - Telemetry, of Chromium
  - Google Storage, of Google Cloud Platform

openssl s_client -connect google.com:443 | openssl x509 -noout -text

X509v3 Subject Alternative Name:
 DNS:*.google.com, DNS:*.android.com,
 DNS:*.appengine.google.com,
 DNS:*.cloud.google.com,
 DNS:*.google-analytics.com,
 DNS:*.google.ca,
 DNS:*.google.cl,
 DNS:*.google.co.in,
 DNS:*.google.co.jp,
 DNS:*.google.co.uk,
 DNS:*.google.com.ar,
 DNS:*.google.com.au,
 DNS:*.google.com.br,
 DNS:*.google.com.co,
 DNS:*.google.com.mx,
 DNS:*.google.com.tr,
 DNS:*.google.com.vn,
 DNS:*.google.de,
 DNS:*.google.es,
 DNS:*.google.fr,
 DNS:*.google.hu,
 DNS:*.google.it,
 DNS:*.google.nl,
 DNS:*.google.pl,
 DNS:*.google.pt,
 DNS:*.googleadapis.com,
 DNS:*.googleapis.cn,
 DNS:*.googlecommerce.com,
 DNS:*.googlevideo.com,
 DNS:*.gstatic.cn,
 DNS:*.gstatic.com,
 DNS:*.gvt1.com,
 DNS:*.gvt2.com,
 DNS:*.metric.gstatic.com,
 DNS:*.urchin.com,
 DNS:*.url.google.com,
 DNS:*.youtube-nocookie.com,
 DNS:*.youtube.com,
 DNS:*.youtubeeducation.com,
 DNS:*.ytimg.com,
 DNS:android.com,
 DNS:g.co,
 DNS:goo.gl,
 DNS:google-analytics.com,
 DNS:google.com,
 DNS:googlecommerce.com,
 DNS:urchin.com,
 DNS:youtu.be,
 DNS:youtube.com,
 DNS:youtubeeducation.com

Jetty “smart push”
- Server observes incoming traffic
- Server initiates push for learned dependencies
Ilya Grigorik (Google); SPDY and HTTP/2 Resource Scheduling; On Google+; 2013-05-20.
CocoaSPDY: SPDY for iOS / OS X; Mike Schare (Twitter); In Their Blog; 2013-12-19.
Mentions
- SPDY Whitepaper
- SPDY Specification, draft v3.1
Hasan Khalil, Roberto Peon, Ilya Grigorik, (Chromium of Google); Making the web faster with SPDY and HTTP/2; In Their Blog; 2013-11-20.
Mentions
- Mike Belshe, Roberto Peon (Chromium of Google); A 2x Faster Web; In Their Blog; 2009-11-11
  the SPDY announcement: documentation, code, Group.
- HTTP/2 protocol (draft-ietf-httpbis-http2)
Ilya Grigorik; Optimizing NGINX TLS Time To First Byte (TTTFB); In His Blog; 2013-12-16.
Availability of HTTP/2 (stated WHEN? circa 2014-10?)
- Browsers
  - Chrome M39 HTTP/2-draft14, not enabled by default; only over TLS
  - Firefox 34 supports HTTP/2-draft14, only over TLS
    Firefox 33 is current 2014-11-07 at getfirefox.com
  - IE 11, in Windows 10 Technical Preview
  - Safari – no ETA
- Servers
  - nghttp2 is a demonstrator, see implementations
  - Apache httpd – no ETA
  - Nginx – no ETA

Via: backfill

Making the Web Faster with HTTP 2.0 | Ilya Grigorik

Posted on 2013-12-23T22:04:42+00:00 by wbaker

Ilya Grigorik; Making the Web Faster with HTTP 2.0; In ACM Queue; 2013-12-03.

References

Akamai; State of the Internet; 2013.
AT&T; Average speeds for AT&T LaptopConnect Devices; 2013..
AT&T; Best Practices for 3G and 4G App Development; 2012.
Mike Belshe (Google); More bandwidth doesn’t matter (much); 2010-04-08; 6 pages.
Ilya Grigorik (Google); High-performance networking in Google Chrome; 2013-01-13.
HTTP Archive.
IETF HTTPbis Working Group;. Charter; 2012.
IETF HTTPbis Working Group; HTTP 2.0 specifications; 2013.
IETF HTTPbis Working Group; HPACK-Header Compression for HTTP/2.0; 2013.
IETF Network Working Group; Transport Layer Security (TLS) Application Layer Protocol Negotiation Extension; 2013.
L. Upson. 2013. Google I/O 2013 keynote address; 2013-05-15.

Via: backfill

Dynamic Adaptive Streaming over HTTP (DASH)

Posted on 2013-11-12T17:38:30+00:00 by wbaker

Overview of the MPEG-DASH Standard; At the MPEG-DASH Promotional Site
Dynamic Adaptive Streaming over HTTP (DASH); at Jimi Wales’ Wiki

Concepts

MPEG-DASH Media Presentation Description (MPD)

Origin

Adaptive HTTP streaming (AHS) in 3GPP Release 9
HTTP Adaptive Streaming (HAS) in Open IPTV Forum Release 2.

Adobe Systems, HTTP Dynamic Streaming,
Apple, HTTP Live Streaming (HLS)
Microsoft Smooth Streaming.

Standard

ISO/IEC 23009-1:2012

Highlights

Use Cases
- On-Demand
- Live
Ad insertion. Advertisements can be inserted as a period between periods or segment between segments in both on-demand and live cases.
CDN
- Multiple URL
- CCN (CCNx)
Codec
- Agnostic
- Common Encryption
- Multiple DRM
Coding
- Scalable Video Coding (SVC)
- Multiview Video Coding (MVC)

Implementations

DASH VLC Plugin
libdash
Various.
DASH Adaptive Streaming for HTML 5 Video; At Mozilla Developer Resources
- In Firefox 21, out Firefox 23
  - Replace with Media Source Extensions API
- ffmpeg, libwebm (git), webm-tools (git)
WebM DASH Specification; At The WebM Project
DASH over CCN(DASC) at ITEC
- Information Centric Network (ICN)
- draft-video-streaming-over-ICN-00; IETF; Stefan Lederer, Christian Timerer, Cedric Westphal, Christopher Mueller; 2013-07-23.
- Stefan Lederer, Christian Timerer, Cedric Westphal, Christopher Mueller; Adaptive Streaming over ICN; IETF 78; 22 slides.

Via: backfill

High Performance Browser Networking | Ilya Grigorik

Posted on 2013-07-10T11:36:14+00:00 by wbaker

Ilya Grigorik (Google); High Performance Browser Networking; O’Reilly; 2013-08-23; O’Reilly: $35 (available 2013-01), online $0 (available now), Amazon: $27 (available 2013-08-23); 200 pages.

Online Availability (ungated), dated 2012.

Via: backfill

Quick UDP Internet Connections (QUIC)

Posted on 2013-06-28T10:17:11+00:00 by wbaker

Documents

Frequently-Asked Questions (FAQ)
QUIC Design Document and Specification Rationale
Formally:
- QUIC – Quick UDP Internet Connections
  Multiplexed Stream Transport Over UDP
- Jim Roskind <jar@google.com>
- Released: 2013-06-24; First Draft 2012-04
QUIC Crypto Specification
Formally:
- QUID Crypto
- Adam Langley <agl@google.com>
- Wan-Teh Chang <wtc@google.com>
- Revision 2013-06-20.
QUIC Wire Specification
Formally
- No author?
- Comments from
  - ianswett
  - jar
  - ppergame
- Uses ASCII art to exhibit the frame diagram
Chromium source directory
some prototype server code

Mentions

about:flags (in Chrome)
Alexa Top 5000 (source of published dictionary of “trusted” or “known” root certs).
WebRTC
draft-tuexen-tsvwg-sctp-dtls-encaps-00 DTLS Encapsulation of SCTP Packets for RTCWEB; IETF Draft; R. Jessup (WorldGate), S. Oreto (Ericsson), R. Stewart (Adara), M. Tuexen (Muenster University); 2012-03-04, expires: 2012-09-05.

Glossary

AEAD => Authenticated Encryption with Associated Data
AES-GCM
ASCII
CA => Certificate Authority
DNS
DNSSEC
DTLS
ECDSA
FEC => Forward Error Correction
FNV-1a
GUID
HKDF
HMAC
HTTP
UIKM => Input Key Material
IV => Initialization Vector
MTU
NACK
NAT
RSA
RST
RTT
- 0-RTT
- 1-RTT
- 2-RTT
SCTP
SHA-256
SPDY
SYN
TCP
TCP Cubic
TLS
UDP

Statements

(quoted, or not) From any of the documents.

SCTP (alone) appears to require 1 full round trip in connection establishment prior to any data transfer. See section 5 of the SCTP RFC 4960 for a discussion of this requirement.
DTLS appears to routinely require 3 round trips in its connection establishment. DTLS is modeled after TLS, which defaults to a 2 RTT HELLO exchange at connection establishment. As noted in section 8.1 of DTLS’s description<snip/>
There are some efforts to add FEC beneath SCTP,<snip/>
Recent work to extend TCP with TCP Fast Open offers promising strategies for evolving TCP to include data in the initial SYN packet, with plausibly acceptable controls on DOS attacks.
Techniques used in SSL Snap Start will be used for this construction, so as to mitigate replay attacks.
One known attack on TCP that could potentially be worse for QUIC is the Optimistic ACK Attack.
This “self DOS” attack can be used to DOS other users on the same downstream links. This is also possible in TCP; c.f. UMD-CS-TR-4737
Within SPDY
- to specify always-use-QUIC
  Alternate-Protocol: 123:quic
- to specify never-use-QUIC
  Alternate-Protocol-Required: 443:https

Referenced

Jim Roskind (Chromium); Experimenting with QUIC; In Their Blog; 2013-06-27.
Jim Roskind, RTT Reduction Ranger, Google
SCTP (Stream Control Transmission Protocol); at Jimi Wales’ Wiki.
DTLS (Datagram Transport Layer Security); at Jimi Wales’ Wiki.
RFC 5869HMAC-based Extract-and-Expand Key Derivation Function (HKDF); IETF; ISSN: 2070-1721; H. Krawczyk (IBM), P. Eronen (Nokia); 2010-05.
NIST SP 800-56CRecommendation for Key Derivation through Extraction-then-Expansion; NIST Special Publication 800-56C; Lily Chen; National Institute of Standards & Technology; 2011-11; 17 pages.
Rob Sherwood, Bobby Bhattacharjee, Ryan Braud; Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse; Technical Report UMD-CS-TR-4737; University of Maryland; WHEN?

Via: backfill

Browser Security & Web Security in ACM Queue circa 2012-11

Posted on 2013-03-16T08:48:46+00:00 by wbaker

Jeremiah Grossman, Ben Livshits, Rebecca Bace, George Neville-Neil; Browser Security Case Study: Appearances Can Be Deceiving; In ACM Queue; 2012-11-20.
Mentions
- Participants
  - Jeremiah Grossman
    is founder and CTO at WhiteHat Security, founder WASC (Web Application Security Consortium)
  - Ben Livshits
    is a researcher at Microsoft Research and an affiliate professor at the University of Washington.
  - Rebecca Gurley Bace
    is president/CEO of Infidel, a network security consulting practice, and chief strategist for the Center for Forensics, Information Technology, and Security at the University of South Alabama.
  - George Neville-Neil
    is a software engineer, previously with Yahoo! Paranoids
- Concepts
  - HTML5
  - The SSL CA Model (Certificate Authority); i.e. PKI
  - Convergence, the notary method of CA assessment
  - The DoD model (of security, undefined)
  - CSRF
  - RFC-1918
  - FTC
  - DNT (Do Not Track)
  - robots.txt
  - Allow
  - Facebook button
  - Cross-Site Referral Hijacking
  - Local Storage
  - CSP (Content Security Policy)
  - SQL Injection via parameterized SQL statements
- Quips, Citations
  - Moxie Marlinspike
  - Robert Hampton & Jeremiah Grossman on CSRF into RFC 1918 space circa 2006.
  - Dan Greer, a risk management domain expert
- Quotes (two)
  - [Stanza]Only when users begin to see the value of their data and demand more protection for it will privacy measures get their due. If the market shifts in this direction and vendors see that adding better protection to their browsers could actually increase market share, then and only then will those measures become standard operating practice.
    GN-N We talked a little earlier about how it’s the browser users, rather than the browsers themselves, that are the real products here. Anyone care to expand on that?
    
    RB Well, that is the case, and it’s fundamental to this whole space. I would argue that every last conundrum in the area of browser security is rooted in the fact that we’re not dealing with a classic commercial model. That is, at present users don’t pay browser makers for software or, for that matter, the maintenance and upkeep of that software.
    
    JG The browser makers are monetizing your data, directly or indirectly, and therefore cannot see a way to protect that data without losing money. That makes for a really difficult situation.
    
    BL I’m not sure you can actually say it’s the browser makers who are “monetizing your data.” If anything, it’s the sites that are monetizing your data.
    
    JG Actually, there’s a clear interplay there. Just look at Google Chrome; it’s pretty obviously monetizing your data. The Mozilla guys derive 98 percent of their revenue directly from Google. Then you’ve got Microsoft, which you could argue is also desperate now to get into the advertising business. So that raises the question: How can you work to institute healthier business incentives when those efforts are so obviously at odds with the foundation the whole business sits upon?
    
    BL I don’t know. One of the problems with privacy is that it’s difficult to put a value on it. It’s difficult even to convince the users that their own privacy is actually worth all that much.
    
    JG Maybe users just aren’t all that aware of what they’re giving up with every single mouse click.
  - JG I can share how I try to protect myself and how I’ve instructed my mom to do it. Take two browsers—any modern browsers that have been updated will do. The important thing is to have two of them so you can compartmentalize risk. The first of these will be the primary browser, the one you use for all your promiscuous browsing—read the news, visit your favorite Web sites, click on the links in your Twitter feed, and whatever else you feel tempted to do. But don’t ever use the primary browser to do anything with online accounts you consider sensitive or important.
    If you’re using Chrome or Firefox, you should also turn on ad blocking and tracker blocking as extensions in the browser. That’s not just for sanity purposes, but also to prevent a whole lot of malware, which often ends up getting propagated over advertising networks. Bonus points if you run in incognito or private mode. That might save you a little bit of privacy as well. Another thing you should do is to block plugins from playing by default. You can run them whenever you want to with a right click, but don’t let them automatically run. Generally, when you get infected with a virus or a piece of malware, it’s because of some invisible plugin that runs automatically.
    
    Your secondary browser is the one you want to fire up only when it’s time to do online banking or online shopping or anything involving a credit card number, an account number, or anything else you want to protect. Once you’ve fired up that browser, get in and do what you need to do quickly, and then close that thing down.
    
    If you can manage to keep those two worlds separate, when you’re out surfing the Web with your primary browser, it won’t even be possible to hack your bank with a cross-site request forgery request because it will be like you’ve never logged in at that bank. So clickjacking, cross-site request forgery, and cross-site scripting pose almost no threat, since there effectively is no cross site.
Jeremiah Grossman (Whitehat Security); The Web Won’t Be Safe or Secure until We Break It; In ACM Queue; 2012-11-06.
Mentions
- Scope
  - HTML
  - CSS
  - JavaScript
- Classifications
  - XSS => Cross Site Scripting
  - CSRF => Cross-Site Request Forgery
  - Clickjacking
  - Browser intranet hacking
  - “Drive-by” Downloads
  - History sniffing via CSS
  - Invisible iframes
- Purposes
  - login detection
- Techniques
  - iframe onload
  - img onload
  - img onerror
- Market forces
  - Browsers need market share
  - Hard to mandate repairs that “break things”
  - “a more secure platform” is not a value add, not given the porting headache
  - Opt-in features
- Opt-in Schemes
  - Content Security Policy
  - X-Frame-Options
  - Origin
  - Strict Transport Security
  - SSL (Secure Sockets Layer)
  - Secure cookie flag
  - HttpOnly cookie flags
- Proposal
  - Full in-browser sandboxing
  - Make the desktop apps like the “mobile apps”

(Aggressive) HTTP Pipelining in Firefox

Posted on 2013-01-26T10:39:36+00:00 by wbaker

network.http.pipelining, network.http.pipelining.aggressive in Firefox; backfilled; 2013-01-09.
HTTP Pipelining – Not So Fast…(Nor Slow!) | Guy Podjarny; backfilled; 2013-01-06.

Cookie2 & Set-Cookie2 are not supported by Firefox, is deprecated with RFC 6265 anyway

Posted on 2013-01-24T17:35:11+00:00 by wbaker

Comment 19notes that Cookie2 is officially deprecated
- Bug 208985 Set-Cookie2: not accepted (RFC 2965)
- Indeed, using Set-Cookie2 against a Firefox 18 client does nothing
RFC 6265 HTTP State Management Mechanism; A. Barth (UCB); 2011-04
Obsoleted:
- 2965; 2000-10.
- 2109; 1997-02.

Mentions

From in RFC 6265

Servers SHOULD NOT fold multiple Set-Cookie requests; avoid [RFC2616]
Servers SHOULD encode that data, for example, using Base64 [RFC4648].
Servers SHOULD use a four-digit year [RFC1123].
http://publicsuffix.org/; Mozilla’s Public Suffix List; list
Section 9.3 & 9.4 deprecates Cookie2, Set-Cookie2
Barth, A., Jackson, C., and J. Mitchell; Robust Defenses for Cross-Site Request Forgery; In Proceedings of Some Conference; 2008.
Aggarwal, G., Burzstein, E., Jackson, C., and D. Boneh; An Analysis of Private Browsing Modes in Modern Browsers; In Proceedings of USENIX SEC ’10; 2010

The SELinux booleans and Apache httpd

Posted on 2013-01-07T17:44:28+00:00 by wbaker

References

Just about the booleans, not about the labels…

SELinux/apache at the Fedora Project
Backfilled as Some SELinux Recipes
Noted as Bring up multiple WordPress instances on Fedora 16
The man page httpd_selinux(8) on your system.

Actualities

$ getsebool -a | grep httpd
allow_httpd_anon_write --> off
allow_httpd_mod_auth_ntlm_winbind --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_connect_ftp --> off
httpd_can_connect_ldap --> off
httpd_can_connect_zabbix --> off
httpd_can_network_connect --> on
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off
httpd_can_network_memcache --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> off
httpd_dbus_avahi --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> off
httpd_execmem --> off
httpd_graceful_shutdown --> off
httpd_manage_ipa --> off
httpd_read_user_content --> off
httpd_run_stickshift --> off
httpd_setrlimit --> off
httpd_ssi_exec --> off
httpd_tmp_exec --> off
httpd_tty_comm --> on
httpd_unified --> off
httpd_use_cifs --> off
httpd_use_fusefs --> off
httpd_use_gpg --> off
httpd_use_nfs --> off
httpd_verify_dns --> off

$ uname -a
Linux opened 3.6.6-1.fc16.i686.PAE #1 SMP Mon Nov 5 17:11:25 UTC 2012 i686 i686 i386 GNU/Linux

$ cat /etc/fedora-release 
Fedora release 16 (Verne)

$ rpm -q -a | grep -Ee '(policy|http)' | sort
checkpolicy-2.1.6-2.fc16.i686
httpd-2.2.22-2.fc16.i686
httpd-tools-2.2.22-2.fc16.i686
policycoreutils-2.1.4-13.fc16.i686
policycoreutils-gui-2.1.4-13.fc16.i686
policycoreutils-python-2.1.4-13.fc16.i686
policycoreutils-restorecond-2.1.4-13.fc16.i686
policycoreutils-sandbox-2.1.4-13.fc16.i686
polkit-desktop-policy-0.102-3.fc16.noarch
python-httplib2-0.7.4-6.fc16.noarch
selinux-policy-3.10.0-96.fc16.noarch
selinux-policy-targeted-3.10.0-96.fc16.noarch

Default catchall wildcard VirtualHost stanza for Apache httpd

Posted on 2013-01-06T03:29:20+00:00 by wbaker

References

In httpd documentation at Apache

Folklore and Q&A

Dennis Williamson; Virtualhost For Wildcard Subdomain and Static Subdomain; In Stack Overflow; 2009-04-16.

Example

NameVirtualHost *:80 
<VirtualHost *:80>
    ServerName baker.com
    # baker.com -> www.baker.com
    Redirect permanent / http://www.baker.com/
</VirtualHost>
<VirtualHost *:80>
    ServerName baker.org
    # baker.org -> www.baker.org
    Redirect permanent / http://www.baker.org/
</VirtualHost>
Include vhost/*.conf
<VirtualHost *:80>
    ServerName default
    ServerAlias *
    ServerAlias default.baker.com
    # *anything* else gets redirected back to www.baker.com
    Redirect permanent / http://www.baker.com/
</VirtualHost>

Implementation

Tutorial

Referenced

Promotion

Usage

httpp and httpps

Who

When

httpu and httpmu

Protocols

Related

Irrelevant

General UDP

Specific

Mentions

Assessment

Language (C++)

Dependencies

Runtime

Buildtime

Physical Design

Build System

Portability

Promotion

Actualities

Inventory

Mentions

References

Concepts

Origin

Related

Standard

Implementations

Documents

Mentions

Glossary

Statements

Tags

Referenced

Mentions

References

Actualities

References

Folklore and Q&A

Example