https://bz.apache.org/bugzilla/show_bug.cgi?id=61560
Bug ID: 61560
Summary: Incorrect string matching used in ProxyPassReverseCookiePath and ProxyPassReverseCookieDomain
Product: Apache httpd-2
Version: 2.4.27
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
When using a reverse proxy, mod_proxy is not properly parsing the Set-Cookie
header when modifying it on the way back to the client.
The issue is in the definition of the string matcher:

    ap_proxy_strmatch_path = apr_strmatch_precompile(pconf, "path=", 0);
    ap_proxy_strmatch_domain = apr_strmatch_precompile(pconf, "domain=", 0);

The issue is obvious to see and easily reproduced if the origin server sets a
cookie whose name ends in the word "path" or "domain".

For example, if the reverse proxy has a configuration directive such as:

    ProxyPassReverseCookiePath / /my/nested/path

and the origin server sets a header like:

    Set-Cookie: testPath=/hello;path=/

then the reverse proxy will rewrite the value of the cookie in the header to:

    Set-Cookie: testPath=/my/nested/path;path=/

which is to say, it did NOT rewrite the cookie path (still "/"), but rather it
rewrote the cookie value because the cookie name ended with the letters "path".
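Added example (not part of the bug report and not httpd code): a standalone C sketch contrasting the case-insensitive substring match described above with an attribute-aware match that only accepts "path=" or "domain=" at the start of a ';'-separated attribute following the cookie's own name=value pair. The helper names find_naive and find_attr are hypothetical, the input is assumed to be the Set-Cookie header value, and the second and third sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Case-insensitive substring search, the behaviour the report describes
 * for a pattern such as "path=": any occurrence in the header matches. */
static long find_naive(const char *hdr, const char *key)
{
    size_t n = strlen(key);
    for (const char *p = hdr; *p; p++)
        if (strncasecmp(p, key, n) == 0)
            return (long)(p - hdr);
    return -1;
}

/* Attribute-aware search (hypothetical helper): skip the leading
 * name=value pair, then accept key only at the start of a ';' attribute. */
static long find_attr(const char *hdr, const char *key)
{
    size_t n = strlen(key);
    const char *p = strchr(hdr, ';');
    while (p) {
        p++;                                  /* step past ';' */
        while (*p == ' ' || *p == '\t')
            p++;                              /* optional whitespace */
        if (strncasecmp(p, key, n) == 0)
            return (long)(p - hdr);
        p = strchr(p, ';');
    }
    return -1;
}

int main(void)
{
    /* Header value from the report, plus two constructed variants. */
    const char *samples[] = {
        "testPath=/hello;path=/",
        "mydomain=x; Domain=example.test; Path=/app",
        "path=/looks/like/attr",
    };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-45s naive=%ld attr=%ld\n", samples[i],
               find_naive(samples[i], "path="),
               find_attr(samples[i], "path="));
    return 0;
}
```

For the header from the report, the naive search lands at offset 4, inside the cookie name "testPath", while the attribute-aware search lands at offset 16, on the real Path attribute.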