[prev in list] [next in list] [prev in thread] [next in thread]
List: haproxy
Subject: Re: BAD REQUEST
From: Willy Tarreau <w () 1wt ! eu>
Date: 2011-09-27 19:09:34
Message-ID: 20110927190934.GA26260 () 1wt ! eu
[Download RAW message or body]
Hello Vivien,
On Tue, Sep 27, 2011 at 04:40:34PM +0200, maynardkeenan@free.fr wrote:
> Hello HAProxy community !
>
> Do you think that HAProxy can block a request if spaces (and not %20) are located \
> in the URI ?
> HAProxy.log:
>
> <NOSRV> -1/-1/-1/-1/0 400 87 - - PRNN 0/0/0/0/0 0/0 "<BADREQ>"
>
> The url is like this :
>
> https://www.example.com/myapp/server.pt/wrapper/FFFRA_0_109898_4595_417_938_43/fff-a \
> ps/pt_action?javax.portlet.PT_PORTLET_NAME_KEY=Container&AWHA_selectedAcFamily=4138 \
> 30&AWHA revDate=32303 =41495553&AWHA _HeChOn=4865
Yes if posted like this, since this is not a valid URI at all. However,
I'd bet that your client would encode them and send them as '+' or '%20'.
A valid request has :
- a method
- exactly one space
- a URI
- exactly one space
- a version
- CRLF
Hoping this helps,
Willy
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic