Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix: don't allow x-forwarded-host header#2162

Merged
dead-horse merged 3 commits into
1.xfrom
fix-host
Mar 5, 2018
Merged

fix: don't allow x-forwarded-host header#2162
dead-horse merged 3 commits into
1.xfrom
fix-host

Conversation

@popomore

@popomore popomore commented Mar 5, 2018

Copy link
Copy Markdown
Member
Checklist
  • npm test passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)
Description of change

It's a security issue, x-forwarded-host can be retreived
from ctx.host when app.config.proxy is true, and be injected
to cookie domain.

popomore added 2 commits March 5, 2018 16:49
It's a security issue, x-forwarded-host can be retreived
from ctx.host when app.config.proxy is true, and be injected
to cookie domain.
@popomore popomore mentioned this pull request Mar 5, 2018
4 tasks
assert(req.host === '');
});

it('should return host from X-Forwarded-Host header', function* () {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

再增加一个支持 X-Forwarded-Host 的例子。

mm(req.header, 'x-forwarded-host', 'foo.com');
mm(req.header, 'host', 'bar.com');
assert(typeof req.host === 'string');
assert(req.host === 'foo.com');

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

加了

@dead-horse dead-horse merged commit 70d5898 into 1.x Mar 5, 2018
@dead-horse dead-horse deleted the fix-host branch March 5, 2018 09:28
@dead-horse

Copy link
Copy Markdown
Member

需要 pick 到 master 吧?

@popomore

popomore commented Mar 5, 2018

Copy link
Copy Markdown
Member Author

恩,我 pick 一下

popomore added a commit that referenced this pull request Mar 5, 2018
It's a security issue, x-forwarded-host can be retreived
from ctx.host when app.config.proxy is true, and be injected
to cookie domain.
popomore added a commit that referenced this pull request Mar 5, 2018
It's a security issue, x-forwarded-host can be retreived
from ctx.host when app.config.proxy is true, and be injected
to cookie domain.

PICK FROM #2162
popomore added a commit that referenced this pull request Mar 5, 2018
It's a security issue, x-forwarded-host can be retreived
from ctx.host when app.config.proxy is true, and be injected
to cookie domain.

PICK FROM #2162
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants