[Bug 1711573] Re: Invalid parsing of Forwarded header (RFC7239)

Brian Murray brian at ubuntu.com
Tue Sep 26 15:28:37 UTC 2017 

Hello Adam, or anyone else affected,

Accepted python-oslo.middleware into zesty-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/python-oslo.middleware/3.23.1-0ubuntu1.1 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-zesty to verification-done-zesty. If it does not fix
the bug for you, please add a comment stating that, and change the tag
to verification-failed-zesty. In either case, details of your testing
will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: python-oslo.middleware (Ubuntu Zesty)
       Status: Triaged => Fix Committed

** Tags added: verification-needed verification-needed-zesty

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to python-oslo.middleware in Ubuntu.
https://bugs.launchpad.net/bugs/1711573

Title:
  Invalid parsing of Forwarded header (RFC7239)

Status in Ubuntu Cloud Archive:
  Fix Committed
Status in Ubuntu Cloud Archive ocata series:
  Triaged
Status in Ubuntu Cloud Archive pike series:
  Fix Committed
Status in oslo.middleware:
  Fix Released
Status in python-oslo.middleware package in Ubuntu:
  Fix Released
Status in python-oslo.middleware source package in Zesty:
  Fix Committed
Status in python-oslo.middleware source package in Artful:
  Fix Released

Bug description:
  >>> from oslo_middleware.http_proxy_to_wsgi import HTTPProxyToWSGI
  >>> HTTPProxyToWSGI._parse_rfc7239_header("for=192.0.2.60;proto=http, for=192.0.2.60;by=203.0.113.43")
  [{'for': '192.0.2.60', 'proto': 'http'}, {' for': '192.0.2.60', 'by': '203.0.113.43'}]
  >>>
  >>> HTTPProxyToWSGI._parse_rfc7239_header("for=192.0.2.60; proto=http, for=192.0.2.60; by=203.0.113.43")
  [{' proto': 'http', 'for': '192.0.2.60'}, {' for': '192.0.2.60', ' by': '203.0.113.43'}]

  According to some sources:
  https://en.wikipedia.org/wiki/X-Forwarded-For#Alternatives_and_variations
  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded

  using space after semicolon in Forwarded header is valid, but
  _parse_rfc7239_header does not parse it properly: note spaces in keys
  in the dict above.

  This affects e.g. Heat when using a proxy+SSL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1711573/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list