Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
The THRIFT_strncasecmp(header, <header name constant>, sz) == 0 condition used in THttpServer::parseHeader() function returns true even if the name of the header being processed is a prefix of the header constant that is defined in the condition.
For example, when processing the http header line "con: 123", we enter the code fragment where the Content-length header content is processed, because the condition THRIFT_strncasecmp("con: 123", "Content-length", 3) == 0 is true, since the first 3 characters of the two strings are the same.
The same is true for strncmp(header, "X-Forwarded-For", sz) == 0 condition, where the header line "X: 127.0.0.1" may hide the Origin if the client sends that after the X-Forwarded-For header (and the proxy does not change the header order).
Attachments
Issue Links
- relates to
-
IMPALA-12341 hs2 http authentication may fail due to header parsing issues if any prefix of the word "authorization" is present as a header in the http request
- Resolved