git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Christopher Faulet <cfaulet@haproxy.com>
	Thu, 12 Sep 2024 07:33:32 +0000 (09:33 +0200)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Mon, 16 Sep 2024 20:55:25 +0000 (22:55 +0200)
commit	4de663269367f689cb1607d621d77db2d88d95f0
tree	c73db2734777964132380beeebe6adf29e3a90bb	tree \| snapshot
parent	0f4fad5291027a7dfc8109fbbe2acd0bac8affd0	commit \| diff

MINOR: proxy: Rename accept-invalid-http-* options

With these options, it is possible to accept some invalid messages that may
considered as unsafe and may result as vulnerabilities. The naming is not
explicit enough on this point. These option must really be considered as
dangerous and only used as a temporary workaround. Unfortunately, when used,
it is probably because there are some legacy and unsupported applications in
place. Nevermind. The documentation warns about the use of these
options. Now the name of the options itself is a warning.

So now, "accept-invalid-http-request" and "accept-invalid-http-response"
options are deprecated and replaced by
"accept-unsafe-violations-in-http-request" and
"accept-unsafe-violations-in-http-response" options.

doc/configuration.txt		diff \| blob \| blame \| history
doc/management.txt		diff \| blob \| blame \| history
reg-tests/http-rules/normalize_uri.vtc		diff \| blob \| blame \| history
src/cfgparse-listen.c		diff \| blob \| blame \| history
src/h1.c		diff \| blob \| blame \| history
src/h1_htx.c		diff \| blob \| blame \| history
src/h2.c		diff \| blob \| blame \| history
src/h3.c		diff \| blob \| blame \| history
src/proxy.c		diff \| blob \| blame \| history