Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid echoing request URL in proxy error #80641

Merged
merged 1 commit into from Jul 30, 2019
Merged

Avoid echoing request URL in proxy error #80641

merged 1 commit into from Jul 30, 2019

Conversation

liggitt
Copy link
Member

@liggitt liggitt commented Jul 26, 2019
edited

What type of PR is this?
/kind bug

What this PR does / why we need it:
Avoids echoing the request URL and explicitly sets content-type to text/plain in proxy response errors to avoid injected XSS possibilities.

Which issue(s) this PR fixes:
Fixes #78467

Does this PR introduce a user-facing change?:

NONE

@k8s-ci-robot k8s-ci-robot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Jul 26, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. release-note-none Denotes a PR that doesn't merit a release note. kind/bug Categorizes issue or PR as related to a bug. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. labels Jul 26, 2019
@liggitt
Copy link
Member Author

liggitt commented Jul 26, 2019

/sig api-machinery
/cc @deads2k
/area security
/priority important-soon

@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. area/security priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Jul 26, 2019
@liggitt liggitt mentioned this pull request Jul 26, 2019
Closed
@dims
Copy link
Member

dims commented Jul 26, 2019

looks like we did the same thing in other places earlier - https://github.com/kubernetes/kubernetes/pull/37190/files. is the charset=utf-8 because of what the error string may contain?

/lgtm

/hold
( hold for more reviews if necessary, especially @deads2k )

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 26, 2019
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 26, 2019
@liggitt
Copy link
Member Author

liggitt commented Jul 26, 2019

is the charset=utf-8 because of what the error string may contain?

yes

@liggitt
Copy link
Member Author

liggitt commented Jul 29, 2019

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jul 29, 2019
@liggitt
Copy link
Member Author

liggitt commented Jul 30, 2019

/retest

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

@k8s-ci-robot k8s-ci-robot merged commit 6e85da0 into kubernetes:master Jul 30, 2019
@k8s-ci-robot k8s-ci-robot added this to the v1.16 milestone Jul 30, 2019
@liggitt liggitt deleted the proxy-xss branch July 31, 2019 12:39
@priscofarina
Copy link

Is this fix mapped with the latest versions?
Looking to the v0.19.3 code I don't see these changes and scanning my docker image (XRAY scanning) that is integrating the version v0.19.3 I can see this vulnerability that seems fixed in a version older than the one I am using.

Am I wrong?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deads2k deads2k Awaiting requested review from deads2k

@caesarxuchao caesarxuchao Awaiting requested review from caesarxuchao

@wojtek-t wojtek-t Awaiting requested review from wojtek-t

Assignees

@dims dims

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/security cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note-none Denotes a PR that doesn't merit a release note. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
v1.16
Development

Successfully merging this pull request may close these issues.

Cross Site Scripting (Reflected) vulnerability in kube-apiserver proxy
5 participants
@liggitt @k8s-ci-robot @dims @fejta-bot @priscofarina