[Varnish] #1862: Request URL with whitespace is allowed

Varnish varnish-bugs at varnish-cache.org
Mon Feb 29 10:48:34 CET 2016

#1862: Request URL with whitespace is allowed
 Reporter:  espebra   |       Owner:
     Type:  defect    |      Status:  new
 Priority:  normal    |   Milestone:
Component:  varnishd  |     Version:  4.0.3
 Severity:  normal    |  Resolution:
 Keywords:            |

Comment (by Dridi):

 In Espen's test case, the client URL is {{{"/foo bar"}}} and {{{"bar"}}}
 leaks in {{{req.proto}}}, so we have a workaround:

 sub vcl_recv {
         if (req.proto !~ "^HTTP/1.[01]$") {
                 return (synth(400, "Bad Request"));

 I'm personally leaning toward a 400 error because it's simple and it
 doesn't acknowledge non-compliant clients (which I believe in most cases
 would be malicious).

Ticket URL: <https://www.varnish-cache.org/trac/ticket/1862#comment:2>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

More information about the varnish-bugs mailing list