proxmox-mirrors/pve-http-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-http-server synced 2025-07-03 08:03:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add configurable 'compression'

Browse Source 
Rationale for disabling compression is the potential for being affected by
the BREACH (CVE-2013-3587) attack and it's considered good practice for https
configuration (see e.g. [0]).

The default remains: to have compression enabled for compressible file-types.

[0] https://cipherli.st/

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
This commit is contained in:
Stoiko Ivanov 2019-02-15 12:36:00 +01:00 committed by Thomas Lamprecht
parent 54c0ead916
commit 23dfd1b7c9
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
PVE/APIServer/AnyEvent.pm
View File

@ -184,6 +184,7 @@ sub response {
$reqstate->{hdl}->timeout_reset(); $reqstate->{hdl}->timeout_reset();
$reqstate->{hdl}->timeout($self->{timeout}); $reqstate->{hdl}->timeout($self->{timeout});
$nocomp = !$self->{compression};
$nocomp = 1 if !$reqstate->{accept_gzip}; $nocomp = 1 if !$reqstate->{accept_gzip};
my $code = $resp->code; my $code = $resp->code;
@ -552,7 +553,7 @@ sub proxy_request {
$headers->{'cookie'} = PVE::APIServer::Formatter::create_auth_cookie($ticket, $self->{cookie_name}) if $ticket; $headers->{'cookie'} = PVE::APIServer::Formatter::create_auth_cookie($ticket, $self->{cookie_name}) if $ticket;
$headers->{'CSRFPreventionToken'} = $token if $token; $headers->{'CSRFPreventionToken'} = $token if $token;
$headers->{'Accept-Encoding'} = 'gzip' if $reqstate->{accept_gzip}; $headers->{'Accept-Encoding'} = 'gzip' if ($reqstate->{accept_gzip} && $self->{compression});
my $content; my $content;
@ -1611,6 +1612,7 @@ sub new {
$self->{base_uri} //= "/api2"; $self->{base_uri} //= "/api2";
$self->{dirs} //= {}; $self->{dirs} //= {};
$self->{title} //= 'API Inspector'; $self->{title} //= 'API Inspector';
$self->{compression} //= 1;
# formatter_config: we pass some configuration values to the Formatter # formatter_config: we pass some configuration values to the Formatter
$self->{formatter_config} = {}; $self->{formatter_config} = {};