archives/snowflake
2
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git synced 2025-10-13 20:11:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Validate client and proxy supplied strings

Browse source 
Malicious clients and proxies can provide potentially malicious strings
in the polls. This validates the NAT type and proxy type strings to
ensure that malformed strings are not displayed on a web page
or passed to any of our monitoring infrastructure.

If a client or proxy supplies an invalid NAT type, we return an error
message. If a proxy supplies an unknown proxy type, we set the proxy
type to unknown.
This commit is contained in:
Cecylia Bocovich 2022-01-12 10:53:58 -05:00
parent aeb0794d28
commit b35a79ac24
No known key found for this signature in database
GPG key ID: 009DE379FD9B7B90
3 changed files with 41 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
common/messages/messages_test.go
View file

@ -22,7 +22,7 @@ func TestDecodeProxyPollRequest(t *testing.T) {
{
//Version 1.0 proxy message
"ymbcCMto7KHNGYlp",
"",
"unknown",
"unknown",
0,
`{"Sid":"ymbcCMto7KHNGYlp","Version":"1.0"}`,