Google Chrome Reports “Duplicate headers received from server”

Chrome Duplicate Headers Message

It seems that this error message has been around since version 16 of Chrome, and was first reported sometime in 2011. The error message basically says that it received two Content-Disposition headers, and that the response was blocked to prevent HTTP response splitting attacks. However, in most cases this error isn’t caused by malicious code, but rather because of an innocuous comma in the filename parameter of the Content-Disposition header. Here’s an example of an actual response header I received while downloading a resume from a popular career site: Content-Disposition: attachment; filename=Beresky_Resume,6pg.docx That was the only Content-Disposition header in the entire response, which raises the question: Why is this a duplicate header? Because according to the HTTP 1.1 specification, section … Continue reading

Reducing Fan Noise from a Dell PowerEdge R905

Images borrowed from the auction page of red_planet_trading on eBay

If you’re read my blog, you know that I have a quite a few servers in my basement that I use as a home lab environment. For home or low-demand virtualization, you can’t beat the Dell R905 for price. Consider that, as of the time I’m writing this post, you can get an R905 like I did with 128 GB of RAM for about $960. That’s only a little more than the cost of the RAM! That machine has 4x AMD Opteron 8356 quad-core CPUs @ 2.3Ghz and two built-in 10gbps ethernet ports (plus 2 gigabit ports), a PERC6i controller, dual PSUs, and a full enterprise DRAC. It’s a little old, but you can’t get those specs in any other … Continue reading

Getting Started with Free CDN from KisoLabs

KisoLabs Homepage

When I was a teenager I had a basement full of computers. (Which is to say that my parents had a basement full of computers.) It was just a hobby at first, but computers eventually turned into an obsession and a profession for me. I liked every aspect of computers, from building hardware to networking to programming. Stay tuned for the bottom of this article where I’ve posted a referral code good for a $50 KisoLabs account credit. In those days (the mid- to late- 90s) DSL was the only way to get affordable static IPs, and I suffered with 192K SDSL (and later, 384K). Content was a lot lighter back then, but I was still suffering the same problems … Continue reading

I propose a new approach to email reputation that allows the (legitimate) little guys to compete

spam_score_ss

I have a problem… I administrate roughly fifteen domains that send email on a regular basis.   Outbound email is handled by two corporate (and one personal) email servers running Zimbra and Exchange, as well as a couple of mail exchangers that handle automated email from web servers. I also don’t send spam.   All automated emails include a clear unsubscribe link, which is a single-click mechanism resulting in an immediate blacklisting of the user’s email address.  Automated emails also include the name and mailing address of the company from which they were sent, as per US federal law.  Corporate and personal emails are used responsibly;  In other words they are not used for blind solicitation nor for any other purposes … Continue reading

Finding Out the IP Address of a New Piece of Tech from eBay

brocade_traffic_screencap

I’ve been through this many times over, and thought I would share:   I just bought a pair of HP Storageworks 4/8 SAN (AKA: Brocade Silkworm 200E) switches off of eBay.  They were listed as “powered up / as-is” by the seller, but the price was too good not to take a risk on them working properly. Of course, they came with no documentation, and not even a label to identify the IP address they held in their original home.  (I have had luck with other items where the IP and even login/password were labelled onto the front of the case). Most times, the following will work flawlessly: Connect your new piece of tech’s management interface (in this case, we’ll use … Continue reading

Delivering Pre-Compressed (gzip) Javascript with PHP only

There are plenty of results in Google for delivering compressed Javascript files using PHP.  However, most of those techniques involve compressing the JS file(s) on the fly. I was looking for a method that would meet the following criteria: The JS file should be pre-compressed using gzip. The gzip version of the JS file should only be delivered if the client’s browser supports gzip. The code below has some pitfalls: It will not work with a CDN or any external content server that does not support PHP. It is more difficult to maintain than compressing on the fly at the web server level (as you must maintain the compressed version of the JS file. I’ll use my quick and dirty … Continue reading

Using Postfix with MySQL Stored Procedures? (Just Use Functions)

postfix_random

If you’re like me and want to use Postfix with a MySQL backend, you may have also wanted to be able to call stored procedures from Postfix. Unfortunately, MySQL stored procs return multiple resultsets while Postfix’s call to the MySQL C API can only process a single resultset.  I banged my head against the wall for a while until I realized that a function called from a SELECT statement would return a Postfix-friendly single resultset. For example, this would be a perfectly acceptable virtual alias map file: user = mailreader password = somepassword dbname = mail_config query = SELECT retval FROM (SELECT fnPostfixVirtualAliasMapGet(‘%s’) AS retval) t WHERE t.retval IS NOT NULL; hosts = 127.0.0.1 This is useful if, for example, … Continue reading

Quieting Dell PowerEdge 1855/1955 Blade System Chassis Fan Noise: Undocumented DRAC/MC Commands

fan_speed_hex

TL;DR: Skip right to the undocumented commands Background I recently purchased a Dell BMX blade chassis on eBay that came loaded with ten 2x dual-core, 24GB PE1955 blades.   For a system with 40 cores, 240 GB of RAM and two 16-port gigabit switches in a 7U frame, $2500 was too good to pass up.  Especially since shipping cost me a mere 2 hour round-trip to Brooklyn. I didn’t really need ten more servers, so I figured I’d sell off 5 or 6 of them (hopefully breaking even on the entire system — the 4GB FB-DIMMs in 6 of the servers is worth $1450 – $1900 alone).  The remaining servers would be all mine! But I forgot to research the noise!  … Continue reading

The Mac vs. PC Debate (Makes No Sense, and PCs are Better)

I grew up on the Mac vs. PC debate.  Hell, I before that I grew up on Apples.  But “Mac or PC” was the first decisive computer issue on which I can remember taking a side. The first computer I ever programmed was an Apple IIe.  I guess I’m dating myself here, but at the time that computer was the greatest thing since .. sliced apples?  Not only was I programming on a IIe, but I was programming robots, using a Fischertechnik robotics kit.  (Oh, and I was doing it at summer camp, putting me that much higher in the nerd-hierarchy).  5.25″ floppies, CATALOG, LIST, GOTO 10;  The whole deal. At some point we got our first computer at home:  A 386SX … Continue reading

Basement Update

We’ve been in the house for about 3 months, and I’ve made some progress in the basement. Here are a few pictures just for posterity: The server rack (well, shelving unit) isn’t pretty, but it gets the job done.  I’m not exactly the computer version of Scrooge McDuck over here, so I stick with desktops.  The UPS on the right is a real old beater — I’ve replaced the batteries 3 times so far.  It’s a nice double-conversion full sine wave model, so I keep it around.   My workstation setup.  My primary machine needs upgrading badly:  A Dell GX280, P4 3.0Ghz, 3GB RAM.  It works for now.  All the monitors are hooked up to something or other, but I … Continue reading