Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ateixeira:branches:security:sensor
velociraptor
CVE-2024-28849-follow-redirects-drop-proxy-auth...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch of Package velociraptor
From c4f847f85176991f95ab9c88af63b1294de8649b Mon Sep 17 00:00:00 2001 From: Ruben Verborgh <ruben@verborgh.org> Date: Thu, 14 Mar 2024 17:36:10 +0100 Subject: [PATCH] Drop Proxy-Authorization across hosts. --- index.js | 2 +- 1 files changed, 1 insertions(+), 1 deletion(-) diff --git a/gui/velociraptor/node_modules/follow-redirects/index.js b/gui/velociraptor/node_modules/follow-redirects/index.js index f58b933..c649cab 100644 --- a/gui/velociraptor/node_modules/follow-redirects/index.js +++ b/gui/velociraptor/node_modules/follow-redirects/index.js @@ -430,7 +430,7 @@ RedirectableRequest.prototype._processResponse = function (response) { redirectUrlParts.protocol !== "https:" || redirectUrlParts.host !== currentHost && !isSubdomain(redirectUrlParts.host, currentHost)) { - removeMatchingHeaders(/^(?:authorization|cookie)$/i, this._options.headers); + removeMatchingHeaders(/^(?:(?:proxy-)?authorization|cookie)$/i, this._options.headers); } // Evaluate the beforeRedirect callback
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor