You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Cynthia Gu (JIRA)" <ji...@apache.org> on 2014/11/11 02:21:35 UTC

[jira] [Comment Edited] (TS-1570) remap doesn't reject request whose Host has extra characters after port (like "test.com:80xxx")

    [ https://issues.apache.org/jira/browse/TS-1570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14205725#comment-14205725 ] 

Cynthia Gu edited comment on TS-1570 at 11/11/14 1:21 AM:
----------------------------------------------------------

The root cause is in HTTPHdr::_fill_target_cache(). It processes port string and stops before the non-digit char.

 // Check in the URL first, then the HOST field.
  if (0 != url->host_get(&m_host_length)) {
    m_target_in_url = true;
    m_port = url->port_get();
    m_port_in_header = 0 != url->port_get_raw();
    m_host_mime = NULL;
  } else if (0 != (m_host_mime = const_cast<HTTPHdr*>(this)->get_host_port_values(0, &m_host_length, &port_ptr, 0))) {
    if (port_ptr) {
      m_port = 0;
      for ( ; is_digit(*port_ptr) ; ++port_ptr )
        m_port = m_port * 10 + *port_ptr - '0';
      m_port_in_header = (0 != m_port);
    }
    m_port = url_canonicalize_port(url->m_url_impl->m_url_type, m_port);
  }


was (Author: cynthiagu):
The root cause is in HTTPHdr::_fill_target_cache(). It processes port string and stops before the non-digit char.

> remap doesn't reject request whose Host has extra characters after port (like "test.com:80xxx")
> -----------------------------------------------------------------------------------------------
>
>                 Key: TS-1570
>                 URL: https://issues.apache.org/jira/browse/TS-1570
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>    Affects Versions: 3.3.0
>            Reporter: Conan Wang
>            Assignee: Cynthia Gu
>            Priority: Minor
>             Fix For: 5.3.0
>
>
> remap.config:    map http://test.com  http://1.1.1.1
> The request with Host: 'test.com:80xxx' or 'test.com:xxx' will get passed. Such host is not filtered strictly. 
> Just report, didn't have big problem for me though.
> curl http://127.0.0.1:8080/ -H "Host: test.com:80xxx"
> or curl -x 127.0.0.1:8080 http://test.com:80xxx/ -v



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)