[Hackage] #622: wrong HTTP Content-Type for tar.gz files, breaking cabal-install behind some proxies.
HEAD http://hackage.haskell.org/packages/00-index.tar.gz ... Content-Encoding: x-gzip Content-Length: 1398234 Content-Type: application/x-tar ... }}}
#622: wrong HTTP Content-Type for tar.gz files, breaking cabal-install behind some proxies. --------------------------------+------------------------------------------- Reporter: guest | Owner: Type: defect | Status: new Priority: normal | Milestone: Component: hackageDB website | Version: 1.6.0.1 Severity: normal | Keywords: Difficulty: unknown | Ghcversion: Platform: | --------------------------------+------------------------------------------- As can be seen here, {{{ the file is declared as a tar file with a {{{gzip}}} content encoding. This breaks with at least on virus scanning proxy, namely !AvkHttp (of !InternetSecurity by G DATA): {{{
cabal update -v3 Downloading the latest package list from hackage.haskell.org Sending: GET /packages/archive/00-index.tar.gz HTTP/1.1 Host: hackage.haskell.org User-Agent: cabal-install/0.8.0 Creating new connection to hackage.haskell.org Received: HTTP/1.1 200 OK AvkHttp: timeout-protection ... AvkHttp: timeout-protection Date: Sun, 03 Jan 2010 09:52:53 GMT Server: Apache/2.2.3 (Debian) Last-Modified: Sun, 03 Jan 2010 09:38:56 GMT ETag: "388d94-1555da-5fa0cc00" Accept-Ranges: bytes Content-Length: 17571840 Content-Type: application/x-tar Downloaded to /home/nils/.cabal/packages/hackage.haskell.org/00-index.tar.gz cabal: Codec.Compression.Zlib: incorrect header check }}}
As you can see, the proxy unpacked the data, breaking cabal-install. https://bugs.launchpad.net/malone/+bug/173096 describes a similar problem, and has some discussion about why using {{{Content-Encoding}}} in this way is useful in some cases but hurtful in others. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/622 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
#622: wrong HTTP Content-Type for tar.gz files, breaking cabal-install behind some proxies. --------------------------------+------------------------------------------- Reporter: guest | Owner: Type: enhancement | Status: new Priority: normal | Milestone: Component: hackageDB website | Version: 1.6.0.1 Severity: normal | Resolution: Keywords: | Difficulty: unknown Ghcversion: | Platform: --------------------------------+------------------------------------------- Changes (by guest): * type: defect => enhancement Comment: After reading RFC 2616, it becomes clear that the proxy is buggy. A transparent proxy (and a virus checker ought to be one) is not allowed to change Content-Encoding. Even for non-transparent proxies, http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.5.2 says this about Content-Encoding, Content-Range and Content-Type: ''A non-transparent proxy MAY modify or add these fields to a message that does not include no-transform, but if it does so, it MUST add a Warning 214 (Transformation applied) if one does not already appear in the message (see section 14.46).'' There's no such warning in the reply above. I still think the headers should be different, but it doesn't seem to be a bug on the hackage side. Perhaps adding a {{{Cache-Control: no- transform}}} header to the HTTP requests from cabal-install would be a good idea as well. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/622#comment:1 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects
participants (1)
-
Hackage