Prevent slow regex when parsing host authorization header
The old regex could take too long when parsing an Authorization header, which could be exploited for denial of service [CVE-2021-22904].
This commit is contained in:
parent
55e0723846
commit
eab8c20f3e
2 changed files with 11 additions and 1 deletions
@ -407,7 +407,7 @@ module ActionController
module Token
TOKEN_KEY = "token="
TOKEN_REGEX = /^(Token|Bearer)\s+/
AUTHN_PAIR_DELIMITERS = /(?:,|;|\t+)/
AUTHN_PAIR_DELIMITERS = /(?:,|;|\t)/
extend self
|
module ControllerMethods
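Review bot: The new `AUTHN_PAIR_DELIMITERS = /(?:,|;|\t)/` carries no comment saying why the `+` was dropped, so a later edit can easily put a quantifier back into this alternation. I would write the three single-character alternatives as a character class, `AUTHN_PAIR_DELIMITERS = /[,;\t]/`, which matches exactly the same input and makes the fixed-width intent visible, and precede it with `# Keep every alternative fixed-length: a quantifier here (the old \t+) made splitting a long Authorization header super-linear (CVE-2021-22904).` This constant is presumably interpolated into a larger split pattern elsewhere in the module, which is not in this hunk, so the linear-time property depends on that composed pattern as well, not on this literal alone. `module Token` continues past the end of the hunk.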
@ -88,6 +88,16 @@ class HttpTokenAuthenticationTest < ActionController::TestCase
assert_equal "HTTP Token: Access denied.\n", @response.body, "Authentication header was not properly parsed"
end
|
test "authentication request with evil header" do
@request.env["HTTP_AUTHORIZATION"] = "Token ." + " " * (1024*80-8) + "."
Timeout.timeout(1) do
get :index
end
|
assert_response :unauthorized
assert_equal "HTTP Token: Access denied.\n", @response.body, "Authentication header was not properly parsed"
end
|
test "successful authentication request with Bearer instead of Token" do
@request.env["HTTP_AUTHORIZATION"] = "Bearer lifo"
get :index
|
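Review bot: The new `test "authentication request with evil header"` pads the header with spaces only, while the regex change in this commit concerned the `\t` alternative, so the tab case that motivated the fix is never exercised; I would send a second request (or loop over `[" ", "\t"]`) with `@request.env["HTTP_AUTHORIZATION"] = "Token ." + "\t" * (1024*80-8) + "."`. The `1024*80-8` padding plus the 8 bytes of `"Token ."` and `"."` makes the header exactly 80 KiB with no delimiter in it, which deserves a comment such as `# 80 KiB of whitespace with no delimiter: must parse well under 1s (CVE-2021-22904 regression test)`. `Timeout.timeout(1)` is a wall-clock assertion and can fail spuriously on a slow or loaded CI worker, and `Timeout` needs `require "timeout"`, which I cannot see from this hunk being loaded by the test file or the framework. The enclosing class `HttpTokenAuthenticationTest` starts outside the hunk.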