homelab/traefik
1
0
Fork 0
Code Activity

Fix deny encoded characters

Browse source 
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
This commit is contained in:
Romain 2025-12-23 16:00:05 +01:00 committed by GitHub
parent 8ebab1b243
commit 90ce858347
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
21 changed files with 427 additions and 300 deletions
Download patch file Download diff file Expand all files Collapse all files

14
pkg/provider/traefik/internal.go
View file

@ -212,7 +212,7 @@ func (i *Provider) getEntryPointPort(name string, def *static.Redirections) (str
func (i *Provider) entryPointModels(cfg *dynamic.Configuration) {
for name, ep := range i.staticCfg.EntryPoints {
if len(ep.HTTP.Middlewares) == 0 && ep.HTTP.TLS == nil {
if len(ep.HTTP.Middlewares) == 0 && ep.HTTP.TLS == nil && ep.HTTP.EncodedCharacters == nil {
continue
}
@ -220,6 +220,18 @@ func (i *Provider) entryPointModels(cfg *dynamic.Configuration) {
Middlewares: ep.HTTP.Middlewares,
}
if ep.HTTP.EncodedCharacters != nil {
m.DeniedEncodedPathCharacters = &dynamic.RouterDeniedEncodedPathCharacters{
AllowEncodedSlash: ep.HTTP.EncodedCharacters.AllowEncodedSlash,
AllowEncodedBackSlash: ep.HTTP.EncodedCharacters.AllowEncodedBackSlash,
AllowEncodedPercent: ep.HTTP.EncodedCharacters.AllowEncodedPercent,
AllowEncodedQuestionMark: ep.HTTP.EncodedCharacters.AllowEncodedQuestionMark,
AllowEncodedSemicolon: ep.HTTP.EncodedCharacters.AllowEncodedSemicolon,
AllowEncodedHash: ep.HTTP.EncodedCharacters.AllowEncodedHash,
AllowEncodedNullCharacter: ep.HTTP.EncodedCharacters.AllowEncodedNullCharacter,
}
}
if ep.HTTP.TLS != nil {
m.TLS = &dynamic.RouterTLSConfig{
Options: ep.HTTP.TLS.Options,