Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-1981

Url remap method filtering is broken with invalid method

    XMLWordPrintableJSON

Details

    Description

      ACL filtering based on HTTP's method is ignored if method received from client is invalid.

      To reproduce, with the default 8080 server_ports configure the remap.conf as follows.

      map http://localhost:8080/ http://www.google.com/ @method=GET

      Then run the following curl command.

      $ curl -v -X AAAAAA http://localhost:8080/

      Notice that a 200 OK response is received by the client with some (empty) HTML from google.com.

      If the following curl command is issued instead

      $ curl -v -X PUT http://localhost:8080/

      One will see that TS sends back a 403 Access Denied as expected.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. TS-4098 Remap filtering isn't working to only allow certain methods

          • Major - Major loss of function.
          • Closed

          Activity

            People

              briang Brian Geffon
              thachtran Thach Tran
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: