Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-1981

Url remap method filtering is broken with invalid method

    XMLWordPrintableJSON

    Details

      Description

      ACL filtering based on HTTP's method is ignored if method received from client is invalid.

      To reproduce, with the default 8080 server_ports configure the remap.conf as follows.

      map http://localhost:8080/ http://www.google.com/ @method=GET
      

      Then run the following curl command.

      $ curl -v -X AAAAAA http://localhost:8080/
      

      Notice that a 200 OK response is received by the client with some (empty) HTML from google.com.

      If the following curl command is issued instead

      $ curl -v -X PUT http://localhost:8080/
      

      One will see that TS sends back a 403 Access Denied as expected.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                briang Brian Geffon
                Reporter:
                thachtran Thach Tran
              • Votes:
                0 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: