melanie witt 781612b332 Reject open redirection in the console proxy ... Our console proxies (novnc, serial, spice) run in a websockify server whose request handler inherits from the python standard SimpleHTTPRequestHandler. There is a known issue [1] in the SimpleHTTPRequestHandler which allows open redirects by way of URLs in the following format: http://vncproxy.my.domain.com//example.com/%2F.. which if visited, will redirect a user to example.com. We can intercept a request and reject requests that pass a redirection URL beginning with "//" by implementing the SimpleHTTPRequestHandler.send_head() method containing the vulnerability to reject such requests with a 400 Bad Request. This code is copied from a patch suggested in one of the issue comments [2]. Closes-Bug: #1927677 [1] https://bugs.python.org/issue32084 [2] https://bugs.python.org/issue32084#msg306545 Change-Id: Ie36401c782f023d1d5f2623732619105dc2cfa24		2021-05-14 17:26:00 +02:00
..
rfb	Remove six.text_type (1/2)	2020-12-13 11:25:31 +00:00
securityproxy	Remove six.text_type (1/2)	2020-12-13 11:25:31 +00:00
__init__.py	Remove 'nova-xvpvncproxy'	2019-12-23 14:20:28 +00:00
serial.py	Remove six.moves	2020-11-07 03:25:02 +00:00
type.py	Add MKS console support	2015-07-25 15:01:44 +03:00
websocketproxy.py	Reject open redirection in the console proxy	2021-05-14 17:26:00 +02:00