251fab17b5
Plain whitespace characters in url_path must be rejected because they may allow authorized users to inject arbitrary HAProxy directives in the configuration of amphorae. Story: 2008994 Task: 42656 Change-Id: I0f4c59a2928f2a813171109aaf73a1d7dff9eefe
8 lines
291 B
YAML
8 lines
291 B
YAML
---
|
|
issues:
|
|
- |
|
|
Fixed configuration issue which allowed authenticated and authorized
|
|
users to inject code into HAProxy configuration using API requests.
|
|
Octavia API no longer accepts unencoded whitespace characters in url_path values
|
|
in update requests for healthmonitors.
|