You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Cynthia Gu (JIRA)" <ji...@apache.org> on 2014/11/11 02:21:35 UTC
[jira] [Comment Edited] (TS-1570) remap doesn't reject request
whose Host has extra characters after port (like "test.com:80xxx")
[ https://issues.apache.org/jira/browse/TS-1570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14205725#comment-14205725 ]
Cynthia Gu edited comment on TS-1570 at 11/11/14 1:21 AM:
----------------------------------------------------------
The root cause is in HTTPHdr::_fill_target_cache(). It processes port string and stops before the non-digit char.
// Check in the URL first, then the HOST field.
if (0 != url->host_get(&m_host_length)) {
m_target_in_url = true;
m_port = url->port_get();
m_port_in_header = 0 != url->port_get_raw();
m_host_mime = NULL;
} else if (0 != (m_host_mime = const_cast<HTTPHdr*>(this)->get_host_port_values(0, &m_host_length, &port_ptr, 0))) {
if (port_ptr) {
m_port = 0;
for ( ; is_digit(*port_ptr) ; ++port_ptr )
m_port = m_port * 10 + *port_ptr - '0';
m_port_in_header = (0 != m_port);
}
m_port = url_canonicalize_port(url->m_url_impl->m_url_type, m_port);
}
was (Author: cynthiagu):
The root cause is in HTTPHdr::_fill_target_cache(). It processes port string and stops before the non-digit char.
> remap doesn't reject request whose Host has extra characters after port (like "test.com:80xxx")
> -----------------------------------------------------------------------------------------------
>
> Key: TS-1570
> URL: https://issues.apache.org/jira/browse/TS-1570
> Project: Traffic Server
> Issue Type: Bug
> Components: HTTP
> Affects Versions: 3.3.0
> Reporter: Conan Wang
> Assignee: Cynthia Gu
> Priority: Minor
> Fix For: 5.3.0
>
>
> remap.config: map http://test.com http://1.1.1.1
> The request with Host: 'test.com:80xxx' or 'test.com:xxx' will get passed. Such host is not filtered strictly.
> Just report, didn't have big problem for me though.
> curl http://127.0.0.1:8080/ -H "Host: test.com:80xxx"
> or curl -x 127.0.0.1:8080 http://test.com:80xxx/ -v
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)