Homestyx hydra
Diffusion hydra e8a7d8a905de

Provide software protections for HTTP response splitting
e8a7d8a905de
Actions

Description

Provide software protections for HTTP response splitting

Summary:
This addresses a few things:

  • Provide a software HTTP response spliting guard as an extra layer of

security, see http://news.php.net/php.internals/57655 and who knows what HPHP/i
does.

  • Cleans up webroot/index.php a little bit, I want to get that file under

control eventually.

  • Eventually I want to collect bytes in/out metrics and this allows us to do

that easily.

  • We may eventually want to write to a socket or do something else like that,

ala Litespawn.

Test Plan:

  • Ran unit tests.
  • Browsed around, checked headers and HTTP status codes.

Reviewers: btrahan, vrana

Reviewed By: btrahan

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1564

Details

Provenance
epriestleyAuthored on Feb 6 2012, 12:59 PM
sirocylPushed on Oct 16 2024, 5:49 AM
Parents
R1:be424bf381a5: Utilize hsprintf() in OAuth
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (15)

PathSize
src/
aphront/
sink/
base/
__tests__/
request/
__tests__/
sink/
response/
php/
plaintext/
AphrontPHPHTTPSink.php
AphrontPlainTextResponse.php
test/
plaintext/
AphrontIsolatedHTTPSink.php
AphrontPlainTextResponse.php
aphront/
sink/
base/
applications/
herald/
engine/
effect/
webroot/

R1:e8a7d8a905de

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/aphront/sink/base/AphrontHTTPSink.php

Loading...
View Options

src/aphront/sink/base/__init__.php

Loading...
View Options

src/aphront/sink/base/__tests__/AphrontHTTPSinkTestCase.php

Loading...
View Options

src/aphront/sink/base/__tests__/__init__.php

Loading...
View Options

src/aphront/sink/php/AphrontPHPHTTPSink.php

Loading...
View Options

src/aphront/sink/php/__init__.php

Loading...
View Options

src/aphront/sink/test/AphrontIsolatedHTTPSink.php

Loading...
View Options

src/aphront/sink/test/__init__.php

Loading...
View Options

webroot/index.php

Loading...
styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)