homelab/traefik
1
0
Fork 0
Code Activity

Make encoded character options opt-in

Browse source
This commit is contained in:
Gina A. 2026-01-14 10:16:04 +01:00 committed by GitHub
parent ee265a8509
commit adf47fba31
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 221 additions and 179 deletions
Download patch file Download diff file Expand all files Collapse all files

13
pkg/server/router/router.go
View file

@ -223,14 +223,11 @@ func (m *Manager) buildHTTPHandler(ctx context.Context, router *runtime.RouterIn
chain = chain.Append(denyrouterrecursion.WrapHandler(routerName))
}
// Here we are adding deny handlers for encoded path characters and fragment.
// Deny handler are only added for root routers, child routers are protected by their parent router deny handlers.
chain = chain.Append(func(next http.Handler) (http.Handler, error) {
return denyFragment(next), nil
})
chain = chain.Append(func(next http.Handler) (http.Handler, error) {
return denyEncodedPathCharacters(router.DeniedEncodedPathCharacters.Map(), next), nil
})
if router.DeniedEncodedPathCharacters != nil {
chain = chain.Append(func(next http.Handler) (http.Handler, error) {
return denyEncodedPathCharacters(router.DeniedEncodedPathCharacters.Map(), next), nil
})
}
return chain.Extend(*mHandler).Append(tHandler).Then(sHandler)
}