Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 422246eb265bc0cfebb5c872ba3d4289798f9cd3
commit422246eb265bc0cfebb5c872ba3d4289798f9cd3[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Sat Jan 07 23:54:13 2012 +0100
committerWilly Tarreau <w@1wt.eu>Sat Jan 07 23:55:20 2012 +0100
treedb32eaa2548697679ce17255e7e242b069850fbc
parent2e9506d7717ee0a17a044a334f6b1cddf46a00a6 [diff]
MEDIUM: http: block non-ASCII characters in URIs by default

These ones are invalid and blocked unless "option accept-invalid-http-request"
is specified in the frontend. In any case, the faulty request is logged.

Note that some of the remaining invalid chars are still not checked against,
those are the invalid ones between 32 and 127 :

    34 ('"'), 60 ('<'), 62 ('>'), 92 ('\'), 94 ('^'),
    96 ('`'), 123 ('{'), 124 ('|'), 125 ('}')

Using a lookup table might be better at some point.
2 files changed
tree: db32eaa2548697679ce17255e7e242b069850fbc
  1. contrib/
  2. doc/
  3. ebtree/
  4. examples/
  5. include/
  6. src/
  7. tests/
  8. .gitignore
  9. CHANGELOG
  10. LICENSE
  11. Makefile
  12. Makefile.bsd
  13. Makefile.osx
  14. README
  15. ROADMAP
  16. SUBVERS
  17. TODO
  18. VERDATE
  19. VERSION