haproxy/tests/test-cookie-indirect.cfg
Willy Tarreau eb7b0a2b56 [MEDIUM] http: fix space handling in the request cookie parser
The request cookie parser did not allow spaces to appear in cookie
values nor around the equal sign. The various RFCs on the subject
say different things, some suggesting that a space is allowed after
the equal sign and being worded in a way that lets one believe it
is allowed before too. Some spaces may appear inside values and be
part of the values. The quotes allow delimiters to be embedded in
values. The spaces before and after attributes should be trimmed.

The new parser addresses all those points and has been carefully tested.
It fixes misplaced spaces around equal signs before processing the cookies
or forwarding them. It also tries its best to perform clean removals by
always keeping the delimiter after the value being removed and leaving one
space after it.

The variable inside the parser have been renamed to make the code a lot
more understandable, and one multi-function pointer has been eliminated.

Since this patch fixes real possible issues, it should be backported to 1.4
and possibly 1.3, since one (single) case of wrong spaces has been reported
in 1.3.

The code handling the Set-Cookie has not been touched yet.
2010-09-01 00:02:21 +02:00

48 lines
1.1 KiB
INI

# Test configuration. It listens on port 8000, forwards to
# local ports 8001/8002 as two distinct servers, and relies
# on a server running on local port 8080 to handle the request.
# Example of request that must be handled (taken from RFC2965 and mangled
# a bit) :
# POST /acme/process HTTP/1.1
# Cookie: $Version="1";
# Customer="WILE_E_COYOTE"; $Path="/acme";
# SID= s2 ; $Path="/";
# Part_Number="Rocket_Launcher_0001"; $Path="/acme";
# Shipping="FedEx"; $Path="/acme"
#
#
#
global
maxconn 500
stats socket /tmp/sock1 mode 777 level admin
stats timeout 1d
defaults
mode http
option http-server-close
timeout client 30s
timeout server 30s
timeout connect 5s
listen test
log 127.0.0.1 local0
option httplog
bind :8000
cookie SID insert indirect
server s1 127.0.0.1:8001 cookie s1
server s2 127.0.0.1:8002 cookie s2
capture cookie toto= len 10
listen s1
bind 127.0.0.1:8001
server srv 127.0.0.1:8080
reqadd x-haproxy-used:\ s1
listen s2
bind 127.0.0.1:8002
server srv 127.0.0.1:8080
reqadd x-haproxy-used:\ s2