]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5c49a85) | patch
http: Enforce that fully qualified uri-paths not to be forward-proxied
authorYann Ylavic <ylavic@apache.org>
Mon, 13 Dec 2021 18:55:18 +0000 (18:55 +0000)
committerYann Ylavic <ylavic@apache.org>
Mon, 13 Dec 2021 18:55:18 +0000 (18:55 +0000)
commit3ec0ffb9e1ac05622b97a7afd6992dd2bd41ce38
tree507e70b7677f204290b5a8c176159ede06ba7a63tree
parent5c49a85c126d23f89fe02531d12da74ce33a0d92commit | diff
http: Enforce that fully qualified uri-paths not to be forward-proxied
      have an http(s) scheme, and that the ones to be forward proxied have a
      hostname, per HTTP specifications.

The early checks avoid failing the request later on and thus save cycles
for those invalid cases.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1895921 13f79535-47bb-0310-9956-ffa450edef68
changes-entries/http_enforcements.txt [new file with mode: 0644] blob
include/ap_mmn.h diff | blob | blame | history
include/http_protocol.h diff | blob | blame | history
modules/http/http_request.c diff | blob | blame | history
modules/http2/h2_request.c diff | blob | blame | history
modules/proxy/mod_proxy.c diff | blob | blame | history
server/protocol.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git