Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-4145

ATS 6.0.0 - Address cross-site scripting exploits in error messages

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.2.0
    • Component/s: Configuration, Parent Proxy
    • Labels:
      None

      Description

      Address potential cross-site scripting exploits in the following files:

      1.) Replace the variable psh with epsh in files:
      proxy/config/body_factory/default/redirect#moved_temporarily
      proxy/config/body_factory/default/redirect#moved_permanently

      2.) Variable cqh in proxy/config/body_factory/default/access#redirect_url should be replaced with ecqh. However the files appears unutilized in ATS6.0.0, hence remove from Makefile alltogether.

      Suggested patch:
      diff -Nrup trafficserver-6.0.0/proxy/config/body_factory/default/Makefile.am trafficserver-6.0.0-1/proxy/config/body_factory/default/Makefile.am
      — trafficserver-6.0.0/proxy/config/body_factory/default/Makefile.am 2015-09-08 13:43:45.000000000 -0400
      +++ trafficserver-6.0.0-1/proxy/config/body_factory/default/Makefile.am 2016-01-19 12:49:44.823719964 -0500
      @@ -21,7 +21,6 @@ bodyfactorydir = $(pkgsysconfdir)/body_f
      dist_bodyfactory_DATA = \
      access#denied \
      access#proxy_auth_required \

      • access#redirect_url \
        access#ssl_forbidden \
        .body_factory_info \
        cache#not_in_cache \
        diff -Nrup trafficserver-6.0.0/proxy/config/body_factory/default/redirect#moved_permanently trafficserver-6.0.0-1/proxy/config/body_factory/defau
        lt/redirect#moved_permanently
          • trafficserver-6.0.0/proxy/config/body_factory/default/redirect#moved_permanently 2015-09-08 13:43:45.000000000 -0400
            +++ trafficserver-6.0.0-1/proxy/config/body_factory/default/redirect#moved_permanently 2016-01-19 12:50:47.669068203 -0500
            @@ -8,7 +8,7 @@
            <HR>

      <FONT FACE="Helvetica,Arial"><B>
      -Description: The document you requested has moved to a new location. The new location is "%<

      {Location}psh>".
      +Description: The document you requested has moved to a new location. The new location is "%<{Location}

      epsh>".
      </B></FONT>
      <HR>
      </BODY>
      diff -Nrup trafficserver-6.0.0/proxy/config/body_factory/default/redirect#moved_temporarily trafficserver-6.0.0-1/proxy/config/body_factory/defau
      lt/redirect#moved_temporarily
      — trafficserver-6.0.0/proxy/config/body_factory/default/redirect#moved_temporarily 2015-09-08 13:43:45.000000000 -0400
      +++ trafficserver-6.0.0-1/proxy/config/body_factory/default/redirect#moved_temporarily 2016-01-19 12:50:33.548765337 -0500
      @@ -8,7 +8,7 @@
      <HR>

      <FONT FACE="Helvetica,Arial"><B>
      -Description: The document you requested has moved to a new location. The new location is "%<

      {Location}psh>".
      +Description: The document you requested has moved to a new location. The new location is "%<{Location}

      epsh>".
      </B></FONT>
      <HR>
      </BODY>

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                amc Alan M. Carroll
                Reporter:
                dchokshi Devaki
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: