
SWAT-20: Remove header injection vulnerability on redirect #18

Conversation

timmartin19

There was a Header Injection issue (remember HTTP is a text protocol and new
lines matter). Basically you could inject a header or even the text with
certain parameters. Typically, this failed on redirects because of the location
header. We now throw an exception if the redirect url includes a new line or
carriage return. Neither of these are valid (though you can presumably escape
them).
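The check this pull request describes, written out as an added Python example (it is not the project's code; the function and exception names are assumed here): a redirect target is accepted only if it contains no raw carriage return or newline, since those are the characters that end a header line in HTTP/1.1.

```python
import re

# A raw CR or LF is what terminates a header line in HTTP/1.1, so a redirect
# target carrying either character would let the Location value run on into
# further header lines. The check below rejects exactly those two characters.
_RAW_CR_LF = re.compile(r"[\r\n]")


class UnsafeRedirectError(ValueError):
    """Raised when a redirect target contains a raw CR or LF (assumed name)."""


def validate_redirect_target(url: str) -> str:
    """Return url unchanged if it is a single line, else raise UnsafeRedirectError."""
    if _RAW_CR_LF.search(url):
        raise UnsafeRedirectError("redirect target contains CR or LF: %r" % url)
    return url


def is_safe_redirect_target(url: str) -> bool:
    """Boolean form of validate_redirect_target, convenient for tests and logging."""
    try:
        validate_redirect_target(url)
    except UnsafeRedirectError:
        return False
    return True


def redirect_headers(url: str) -> list:
    """Build the header list for a redirect response; the Location value is validated
    first. The framework call this would sit in front of is not shown on the PR page,
    so this helper stands in for it (assumed)."""
    return [("Location", validate_redirect_target(url))]


if __name__ == "__main__":
    # Constructed inputs: an ordinary target, then one carrying a raw CRLF.
    print(redirect_headers("/login?next=%2Fhome"))
    print(is_safe_redirect_target("/login\r\nX-Constructed: 1"))
```

Note that a percent-encoded `%0D%0A` passes the check: it is a single header line on the wire, which is the only property the check enforces.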


@lieutdan13 lieutdan13 left a comment


I don't understand why that large chunk is reporting as changed. Other than that, it looks good.


@lieutdan13 lieutdan13 left a comment


Oh and the version needs to be updated.

@CaleHarter

I don't understand why that large chunk is reporting as changed. Other than that, it looks good.

Probably converting between tabs and spaces.

@timmartin19

@lieutdan13 @CaleHarter apparently there's a trailing white space at the end of all those lines that PyCharm removed.

@timmartin19 timmartin19 force-pushed the SWAT-20-remove-header-injection-vulnerability-on-redirect branch from 8b58551 to f68bbab on January 31, 2019 14:18
@lieutdan13 lieutdan13 merged commit 2f56206 into OnShift:master Feb 6, 2019