github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-17 16:21:31 +00:00
Code Issues Projects Releases Wiki Activity

update(userspace/falco): enforce check that content-type actually starts with "application/json" string.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
This commit is contained in:
Federico Di Pierro 2021-11-23 09:58:34 +01:00 committed by poiana
parent b359f71511
commit bb8b75a2cd
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
userspace/falco/webserver.cpp
View File

@ -150,7 +150,8 @@ bool k8s_audit_handler::handlePost(CivetServer *server, struct mg_connection *co
// Ensure that the content-type is application/json // Ensure that the content-type is application/json
const char *ct = server->getHeader(conn, string("Content-Type")); const char *ct = server->getHeader(conn, string("Content-Type"));
if(ct == NULL || strstr(ct, "application/json") == NULL) // content type *must* start with application/json
if(ct == NULL || strncmp(ct, "application/json", strlen("application/json")) != 0)
{ {
mg_send_http_error(conn, 400, "Wrong Content Type"); mg_send_http_error(conn, 400, "Wrong Content Type");