Chenjp commented on PR #993: URL: https://github.com/apache/tomcat/pull/993#issuecomment-4272553987
Potential issues: - remote ip / host may be manipulated if xff misconfiguration in trusted intermediate layer / proxy - security logs message injection We may declare it is not tomcat fault: The trusted proxy service violates the implicit trust assumptions of the Tomcat. Or we can do more to make it safer, and audit trail trustworthy: 1. Escaping those fields in XxxAccessLogValve: prevent the ip/host field from being a window to poison the entire log entry (overflow to other critical audit fields, e.g., uri, status) 2. Remote Ip Valve / filter: as security related components, need ignore apparent invalid headers which were malicious obviously, or 3. Performing syntax / semantics checking in HttpParser, reject with 400. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
