[Bug 439554] [NEW] Backport X-Forwarded-* header parsing bugfix.
SqUe
squarious at gmail.com
Wed Sep 30 19:02:44 UTC 2009
Public bug reported:
pastedeploy has a feature to auto-create urls when it is served behind a
proxy. Urls are created using the X-Forwarded-*. In hardy version the
urls are crafted using the X-Forwarded-Server which was wrong as this is
the hostname of the server and not the host that the client request.
This can leaded to creating URLs using lan host names rather than the
actual public host that the proxy is listing to. The problem has been
described by a user in their mailing list in the past
http://pythonpaste.org/archives/message/20070813.221354.d0a58db6.ca.html
#paste-users
This was fixed in later versions.
In 1.3.2, the one included in 8.10 and 9.04, it just give more priority to X-Forwarded-Host than X-Forwarded-Server header.
In 1.3.3, the one included in Karmic, it is properly fixed and even supports different schemes using the X-Forwarded-Scheme.
As this is a blocking bug to deploy loggerhead behind apache's reverse
proxy using ssl, I would love to see an upstream update rather than
using custom hack.
The patch that I am attaching was exported by a simple diff on config.py
from 1.3.1 to 1.3.3. The patch requires no extra change on other files.
** Affects: pastedeploy (Ubuntu)
Importance: Undecided
Status: New
--
Backport X-Forwarded-* header parsing bugfix.
https://bugs.launchpad.net/bugs/439554
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list