search

internetstandards / Internet.nl

Internet standards compliance test suite
https://internet.nl
166 stars 36 forks source link

Test if Accept-Encoding can be changed to `*` #1352

Closed bwbroersma closed 3 months ago

bwbroersma commented 3 months ago

See https://github.com/internetstandards/Internet.nl/issues/1347#issuecomment-2009836511

bwbroersma commented 3 months ago

Because it was mentioned in https://github.com/coreruleset/coreruleset/pull/2357 I checked the use of * (listed in the HTTP/1.1 - 14.3 Accept-Encoding - RFC 2616), apparently * doesn't work in practice (at least not with Google or nginx):

$ curl https://www.rijksoverheid.nl/ -H 'Accept-Encoding: gzip, br, zstd'  -sSfD- -o/dev/null | grep -i content-encoding
content-encoding: gzip
$ curl https://www.rijksoverheid.nl/ -H 'Accept-Encoding: *'  -sSfD- -o/dev/null | grep -i content-encoding

$ curl https://www.google.com/ -H 'Accept-Encoding: gzip, br, zstd'  -sSfD- -o/dev/null | grep -i content-encoding
content-encoding: gzip
$ curl https://www.google.com/ -H 'Accept-Encoding: *'  -sSfD- -o/dev/null | grep -i content-encoding
bwbroersma commented 3 months ago

Therefore * is not an option here.