Inside nginx blog: "Managing request headers" , there is a method:
search_headers_in which can search for arbitrary headers, however this
method use ngx_strcasecmp( "ngx_strcasecmp(u_char *s1, u_char *s2)") which
assume the input s1 must be '\0' terminated.
so inside the code below, this
details: https://hg.nginx.org/njs/rev/6b226ed1b25d
branches:
changeset: 1838:6b226ed1b25d
user: Dmitry Volyntsev
date: Thu Apr 14 16:07:34 2022 -0700
description:
Fixed Response headers iteration in Fetch API.
Previously, heap-use-after-free might occur when HTTP Response was
details: https://hg.nginx.org/njs/rev/eab387c72d90
branches:
changeset: 1837:eab387c72d90
user: Dmitry Volyntsev
date: Thu Apr 14 15:39:15 2022 -0700
description:
Version bump
diffstat:
src/njs.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diffs (12 lines):
diff
# HG changeset patch
# User Vadim Fedorenko
# Date 1649976970 -10800
# Fri Apr 15 01:56:10 2022 +0300
# Node ID 39dea3973d47e0bcd226beb3c6554dcdc0e26495
# Parent 0c50a00e67334659d58d3cf7cb81fcf5872a8285
Tests: added Expires and Cache-Control headers test
diff -r 0c50a00e6733 -r
# HG changeset patch
# User Vadim Fedorenko
# Date 1649889268 -10800
# Thu Apr 14 01:34:28 2022 +0300
# Node ID ed7a2c031475bcb252952a467c184c94652b926a
# Parent a736a7a613ea6e182ff86fbadcb98bb0f8891c0b
Upstream: prioritise Cache-Control over Expires.
RFC7234 explicitly says that cache
Hello!
On Thu, Apr 14, 2022 at 10:56:58AM -0400, Jeffrey Walton wrote:
> Hi Everyone,
>
> I'm examining a webapp which had a scan looking for security related
> errata and vulnerabilities. The app is hosted on Google Cloud (GPC)
> and the webserver is Nginx. Only the app was scanned. GPC and
Hi Everyone,
I'm examining a webapp which had a scan looking for security related
errata and vulnerabilities. The app is hosted on Google Cloud (GPC)
and the webserver is Nginx. Only the app was scanned. GPC and Nginx
were not scanned.
The scan produced an interesting finding I have not seen
Здравствуйте, Roman.
Раньше проверить небыло возможности, так как не работал вход на сайт с
использованием HTTP3 - возникала ошибка с cookies.
В основном ошибка возникает на файлах с картинками.
Так же, после активном промотки страницы браузер переключается на HTTP2
протокол. Через некоторое
Здравствуйте,
> On 14 Apr 2022, at 2:00 PM, izor...@gmail.com wrote:
>
> Здравствуйте
> На последней ревизии nginxQuic (rev 55b38514729b) столкнулся с частыми
> ошибками:
> net::ERR_QUIC_PROTOCOL_ERROR 200:
> [info] 29411#29411: *397 quic unknown transport param id:0x20, skipped while
>
On Thu, Apr 14, 2022 at 07:02:28AM -0400, arx wrote:
Hi there,
> the important thing for me is the dns, the port is static and no server do
> the check,
> the problem that I don't know how it is calls the variable with what name
> the client makes the request (the dns that is invoked in the GET
I succeeded, practically the directives
roxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
they had to be placed on top location "if ($host ~ testdns) {
and under
location / {
now I should make an external
the important thing for me is the dns, the port is static and no server do
the check,
the problem that I don't know how it is calls the variable with what name
the client makes the request (the dns that is invoked in the GET method by
the client) present in access.log
[14/Apr/2022:12:22:57 +0200]
On Wed, Apr 13, 2022 at 07:43:48AM -0400, arx wrote:
Hi there,
> for security problems on my server, I should create a reverse proxy that
> allows only those who use the dns provided by me to be able to pass.
> practically I make a list with the incoming dns and I pass only those to my
> main
like something like that
server {
listen port;
location / {
if ($http_host ~ "dnsinput:port") {
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header
Здравствуйте
На последней ревизии nginxQuic (rev 55b38514729b) столкнулся с частыми ошибками:
net::ERR_QUIC_PROTOCOL_ERROR 200:
[info] 29411#29411: *397 quic unknown transport param id:0x20, skipped while
handling frames, client: 2600:...:123, server: [::]:443
[info] 29411#29411: *397 quic
15 matches
Mail list logo