github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-09 05:01:46 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #80641 from liggitt/proxy-xss

Browse Source 
Avoid echoing request URL in proxy error
This commit is contained in:
Kubernetes Prow Robot
2019-07-30 08:53:30 -07:00
committed by GitHub
parent e116b6f09d 2e6440fbeb
commit 6e85da02f1
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
staging/src/k8s.io/apimachinery/pkg/util/proxy/transport.go
View File

@@ -101,11 +101,14 @@ func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) {
resp, err := rt.RoundTrip(req)
if err != nil {
message := fmt.Sprintf("Error: '%s'\nTrying to reach: '%v'", err.Error(), req.URL.String())
message := fmt.Sprintf("Error trying to reach service: '%v'", err.Error())
resp = &http.Response{
Header: http.Header{},
StatusCode: http.StatusServiceUnavailable,
Body: ioutil.NopCloser(strings.NewReader(message)),
}
resp.Header.Set("Content-Type", "text/plain; charset=utf-8")
resp.Header.Set("X-Content-Type-Options", "nosniff")
return resp, nil
}