Egon 0 Posted October 9, 2017 Share Posted October 9, 2017 Currently ESET is rewriting body chunks and removing trailers with HTTP Transfer-Encoding:chunked. HTTP Server sends: HTTP/1.1 200 OK Trailer: Server-Trailer-C Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked d Hello, World! D Hello, World! 0 Server-Trailer-C: XYZ With Web Protocols > Enable HTTP Protocol checking enabled, the client reads this response: HTTP/1.1 200 OK Trailer: Server-Trailer-C Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked 1a Hello, World!Hello, World! 0 With HTTP Protocol checking disabled, it reads exact response as written by the Server. Excluding the server from being checked/handled in "URL Address management" did not work either. Web Protection should not rewrite the body nor remove the trailers, unless there is a good reason. If there is a good reason, there should be a way to disable it for a particular server, because currently the only way is to disable the HTTP Protocol checking completely. This behavior is making go compiler net/http tests fail when you have ESET installed. To reproduce the issue, here is a minimal standalone program: hxxp://egonelbre.com/support/eset/httptrailer.exe hxxp://egonelbre.com/support/eset/httptrailer.go (in case you do not want to run the binary directly) Probably related issue: Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,177 Posted October 11, 2017 ESET Moderators Share Posted October 11, 2017 Hello Egon, thank you for reporting it and the PoC as well, ee will check it here. The exclusions work, but you have to specify the domain including the wildcards like *.domain.com/* Regards, P.R. Link to comment Share on other sites More sharing options...
Egon 0 Posted October 11, 2017 Author Share Posted October 11, 2017 I have tried all of these without any success: localhost *localhost* 127.0.0.1 *127.0.0.1* *127.0.0.1/* *127.0.0.1:10000* *127.0.0.1:10000/* Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,177 Posted October 17, 2017 ESET Moderators Share Posted October 17, 2017 Hello @Egon, thank you once again for reporting this issue. It should be fixed in next Internet protection module (distributed automatically along with other modules updates), expected version of Internet protection module with this fix is 1319. Regards, P.R. Link to comment Share on other sites More sharing options...
Egon 0 Posted October 18, 2017 Author Share Posted October 18, 2017 Thanks, it seems to be working now. Although, internet protection module is still at 1315, maybe it was also in Network module 1555, that's the only one that was recently update... regardless, it works, so I'm happy Link to comment Share on other sites More sharing options...
Recommended Posts