[Varnish] #939: Error 400 if a single header exceeds 2048 characters
Varnish
varnish-bugs at varnish-cache.org
Sat Jun 18 11:47:57 CEST 2011
#939: Error 400 if a single header exceeds 2048 characters
-------------------+--------------------------------------------------------
Reporter: david | Type: defect
Status: new | Priority: normal
Milestone: | Component: build
Version: trunk | Severity: normal
Keywords: |
-------------------+--------------------------------------------------------
Comment(by phk):
Take the X-Forwarded-For header as an example: you append to that whenever
you go through a proxy.
Imagine you have a load-balancer sitting in front of your varnish which
does that, and that you need the X-F-F header for something important.
If Varnish just drops headers that are too long, you have now made it
possible for an adversary to send an X-F-F: header which is 2046 chars
long, your balancer adds the IP to it and your varnish throws it away.
That sort of scenario makes my security-alarm tingle faintly.
Your points about documentation and diagnostics are taken, so the ticket
stays open as a reminder for now.
--
Ticket URL: <http://www.varnish-cache.org/trac/ticket/939#comment:4>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator
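The scenario phk sketches above, as an added toy model (example code written for this page; it is not Varnish code and not part of the ticket): an adversary sends an X-Forwarded-For header line of exactly 2046 characters, a load balancer appends the connecting peer's address, and the result exceeds the 2048-character limit by the time it reaches Varnish. Two policies for the oversized header are compared: silently dropping the header (what the reporter asked for) and rejecting the request with a 400 (the behaviour the ticket complains about). The model assumes the limit applies to the whole "Name: value" line and that the balancer appends with a ", " separator; both are conventions, not facts from the ticket.

```python
"""
Toy model of the failure mode described in Varnish ticket #939.
Constructed example, not Varnish code.

An adversary pads X-Forwarded-For so that it is still under the
per-header limit when it reaches the load balancer, but the balancer's
own append pushes it over the limit before it reaches Varnish.  Two
policies for the oversized header are compared:
  - drop_oversized:   silently discard the offending header (fail open)
  - reject_oversized: refuse the whole request with 400 (fail closed)
Assumption: the limit applies to the whole "Name: value" line.
"""

HEADER_LIMIT = 2048            # per-header limit from the ticket title
ATTACKER_LINE_LEN = 2046       # header length phk uses in the comment


def header_line_len(headers, name):
    """Length of the on-the-wire header line 'Name: value' (assumed metric)."""
    return len(f"{name}: {headers[name]}")


def build_attacker_headers(line_len=ATTACKER_LINE_LEN):
    """Request as the adversary sends it: X-Forwarded-For padded with
    plausible-looking hops so the header line is exactly line_len chars."""
    name = "X-Forwarded-For"
    value_len = line_len - len(f"{name}: ")
    hop = "198.51.100.5, "                       # documentation-range address
    value = (hop * (value_len // len(hop) + 1))[:value_len]
    headers = {"Host": "example.org", name: value}
    assert header_line_len(headers, name) == line_len
    return headers


def balancer_append_xff(headers, client_ip):
    """Model of a load balancer that appends the connecting peer's address
    to X-Forwarded-For (creating the header if absent).  The ', ' separator
    is the common convention and an assumption of this model."""
    out = dict(headers)
    prev = out.get("X-Forwarded-For")
    out["X-Forwarded-For"] = client_ip if prev is None else f"{prev}, {client_ip}"
    return out


def drop_oversized(headers, limit=HEADER_LIMIT):
    """Policy the reporter asked for: forward the request minus any header
    whose line exceeds the limit.  The backend never learns that anything
    was removed."""
    return {k: v for k, v in headers.items() if len(f"{k}: {v}") <= limit}


def reject_oversized(headers, limit=HEADER_LIMIT):
    """Policy phk defends: any oversized header makes the whole request a
    400, so a missing X-Forwarded-For can never reach the backend
    unnoticed.  Returns (status, forwarded_headers)."""
    for k, v in headers.items():
        if len(f"{k}: {v}") > limit:
            return 400, None
    return 200, headers


def demo():
    """Run the padded request through both policies and report what the
    backend would see; returns a dict of observations."""
    balancer_peer = "203.0.113.7"                # the adversary's real address
    sent = build_attacker_headers()
    at_varnish = balancer_append_xff(sent, balancer_peer)
    dropped = drop_oversized(at_varnish)
    status, _ = reject_oversized(at_varnish)
    return {
        "len_before_balancer": header_line_len(sent, "X-Forwarded-For"),
        "len_after_balancer": header_line_len(at_varnish, "X-Forwarded-For"),
        "drop_policy_kept_xff": "X-Forwarded-For" in dropped,
        "drop_policy_backend_sees_peer": balancer_peer in dropped.get("X-Forwarded-For", ""),
        "reject_policy_status": status,
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

With the drop policy the backend receives a request that looks complete but carries no X-Forwarded-For at all, so the adversary's real address, added by the balancer, is gone and nothing downstream can tell. With the reject policy the request fails with a 400 that is visible in the logs; the cost is a hard failure on legitimately long headers, which is the documentation and diagnostics point phk concedes.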