crabapples
/
websockify
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Clear out sensitive fake headers from client 

We use the header dict to pass on non-header information to the
authentication plugins. Make sure an evil client isn't trying to sneak
something in that hasn't been verified by us.

Issue found by Kevin Rasmussen.
This commit is contained in:
Pierre Ossman 2024-11-19 14:47:17 +01:00
parent 417210f2cf
commit 187e204ce4
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
websockify/websocketproxy.py
View File

@ -60,6 +60,12 @@ Traffic Legend:
if not self.server.auth_plugin: if not self.server.auth_plugin:
return return
# clear out any existing SSL_ headers that the client might
# have maliciously set
ssl_headers = [ h for h in self.headers if h.startswith('SSL_') ]
for h in ssl_headers:
del self.headers[h]
try: try:
# get client certificate data # get client certificate data
client_cert_data = self.request.getpeercert() client_cert_data = self.request.getpeercert()