-
Notifications
You must be signed in to change notification settings - Fork 199
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Nginx lense parsing issue related to empty string value #657
Comments
There seems to be two issues here actually:
I've looked into it and it doesn't seem simple to fix with the code as it is now. |
Thanks for the response, I'd be amazed if server_name parameter fails to parse wholesale. It's literally the primary identifier for an nginx virtual server, and the underlying means of routing same port traffic to different http endpoints. If that parameter was unable to be parsed/configured via augeas with the nginx lens it would be almost useless in any production configuration. That said, given that the empty quotes can't be parsed the above is moot in terms of my specific issue. Sounds like a good old fashioned sed -i is in my near future on this one. Cheers. |
If you want this implemented in Augeas, you can also send me an email and we'll see what we can do. |
Thanks, I'll shoot you an email as well. It's a minor issue from an nginx security standpoint but under the wrong circumstances not performing the empty host header rejection can cause an internal IP exposure risk. I believe we have a workaround that doesn't require the empty servername block but it's unnecessarily complicated. |
I'm running into a parsing issue with the Nginx documented solution for dropping traffic that contains an empty Host header.
Nginx Request processing documentation
I've identified the point of failure parsing the conf file based on manually running augtool with the get parameter.
Line in question:
server_name "";
I recall seeing other issues related to quote characters as I was trying to resolve this initially, and initially believed it may be similar to this issue.
The text was updated successfully, but these errors were encountered: