Repository: trafficserver
Updated Branches: refs/heads/master 46edfde61 -> 0c7bff91f

TS-4145: Fix cross-site scripting exploits in error messages. This closes #436.

Address potential cross-site scripting exploits in the following files:

1.) Replace the variable psh with epsh in files:
    proxy/config/body_factory/default/redirect#moved_temporarily
    proxy/config/body_factory/default/redirect#moved_permanently
2.) Variable cqh in proxy/config/body_factory/default/access#redirect_url should be replaced with ecqh. However the file appears unutilized in ATS 6.0.0, hence remove from Makefile altogether.

Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/0c7bff91
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/0c7bff91
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/0c7bff91

Branch: refs/heads/master
Commit: 0c7bff91f4f8cafa5a9b4dd61c52d8e4398b6ab9
Parents: 46edfde
Author: dchokshi <[email protected]>
Authored: Fri Jan 22 15:51:56 2016 -0500
Committer: Alan M. Carroll <[email protected]>
Committed: Fri Jan 22 18:10:26 2016 -0600

----------------------------------------------------------------------
 proxy/config/body_factory/default/Makefile.am | 1 -
 proxy/config/body_factory/default/redirect#moved_permanently | 2 +-
 proxy/config/body_factory/default/redirect#moved_temporarily | 2 +-
 3 files changed, 2 insertions(+), 3 deletions(-)
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0c7bff91/proxy/config/body_factory/default/Makefile.am
----------------------------------------------------------------------
diff --git a/proxy/config/body_factory/default/Makefile.am b/proxy/config/body_factory/default/Makefile.am index a9402ba..d89311a 100644 --- a/proxy/config/body_factory/default/Makefile.am +++ b/proxy/config/body_factory/default/Makefile.am 
@@ -21,7 +21,6 @@ bodyfactorydir = $(pkgsysconfdir)/body_factory/default dist_bodyfactory_DATA = \ access\#denied \ access\#proxy_auth_required \ - access\#redirect_url \ access\#ssl_forbidden \ .body_factory_info \ cache\#not_in_cache \ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0c7bff91/proxy/config/body_factory/default/redirect#moved_permanently ---------------------------------------------------------------------- diff --git a/proxy/config/body_factory/default/redirect#moved_permanently b/proxy/config/body_factory/default/redirect#moved_permanently index a5c5036..171e927 100644 --- a/proxy/config/body_factory/default/redirect#moved_permanently +++ b/proxy/config/body_factory/default/redirect#moved_permanently @@ -8,7 +8,7 @@ <HR> <FONT FACE="Helvetica,Arial"><B> -Description: The document you requested has moved to a new location. The new location is "%<{Location}psh>". +Description: The document you requested has moved to a new location. The new location is "%<{Location}epsh>". </B></FONT> <HR> </BODY> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0c7bff91/proxy/config/body_factory/default/redirect#moved_temporarily ---------------------------------------------------------------------- diff --git a/proxy/config/body_factory/default/redirect#moved_temporarily b/proxy/config/body_factory/default/redirect#moved_temporarily index a5c5036..171e927 100644 --- a/proxy/config/body_factory/default/redirect#moved_temporarily +++ b/proxy/config/body_factory/default/redirect#moved_temporarily @@ -8,7 +8,7 @@ <HR> <FONT FACE="Helvetica,Arial"><B> -Description: The document you requested has moved to a new location. The new location is "%<{Location}psh>". +Description: The document you requested has moved to a new location. The new location is "%<{Location}epsh>". </B></FONT> <HR> </BODY>
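
Review bot: In the Makefile.am hunk, removing access\#redirect_url from dist_bodyfactory_DATA only stops the template from being distributed; the diffstat lists three files and the template is not one of them, so it stays in the source tree still using cqh, which the commit message says should be ecqh. Please either delete the file in this commit or change it to ecqh as well, so that re-adding it to the Makefile later does not bring the unescaped variable back. The commit message says the file "appears" unutilized; a pointer to how that was checked would help.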
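
Review bot: In redirect#moved_permanently, the changed Description line switches to %<{Location}epsh>, but nothing in the template or the commit message says how epsh differs from psh or which characters it encodes. Please document the e-prefixed form where template authors will see it, and confirm that no other template in body_factory/default still writes a request or response header field through a non-escaping variable; this patch only covers the two redirect templates.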
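
Review bot: The redirect#moved_temporarily hunk is the same one-line change as in moved_permanently, with the same blob ids (a5c5036..171e927), and the patch adds no test for either template. Please add a regression test that produces this response with HTML metacharacters in the Location value and asserts that the body carries them in escaped form, so a later edit that reverts to psh is caught. Since the two templates are byte-identical before and after, one parameterised test can cover both.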
