The Accept-Encoding header is used to specify the acceptable transfer encodings.... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

mnarayan01 on July 6, 2017 | parent | context | favorite | on: Defending a website with Zip bombs

The Accept-Encoding header is used to specify the acceptable transfer encodings. Certainly all browsers set it, and most "advanced" frameworks will at least handle the common values of Transfer-Encoding regardless; a "malicious" crawler will almost certainly have to, as plenty of sites use Accept-Encoding along with User-Agent to block undesirable bots.

colanderman on July 6, 2017 [–]

No, Accept-Encoding pairs with Content-Encoding, not Transfer-Encoding (which is controlled by TE as GP indicated). [1] [2]

[1] https://tools.ietf.org/html/rfc7231#section-5.3.4

[2] https://tools.ietf.org/html/rfc7230#section-4.3

mnarayan01 on July 6, 2017 | [–]

Bah I can't read...you two are correct.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact