Univention Bugzilla – Full Text Bug Listing |
Summary: | Apache force_https exclude does not support patterns | ||
---|---|---|---|
Product: | UCS | Reporter: | Florian Best <best> |
Component: | Apache | Assignee: | Florian Best <best> |
Status: | CLOSED FIXED | QA Contact: | Daniel Tröder <troeder> |
Severity: | normal | ||
Priority: | P5 | CC: | heidelberger, stoeckigt, troeder |
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.2-2-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 4: Minor Usability: Impairs usability in secondary scenarios |
Who will be affected by this bug?: | 3: Will affect average number of installed domains | How will those affected feel about the bug?: | 2: A Pain – users won’t like this once they notice it |
User Pain: | 0.137 | Enterprise Customer affected?: | |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | 2017092221000363 | Bug group (optional): | Error handling, External feedback |
Max CVSS v3 score: |
Description
Florian Best
2017-09-25 12:11:38 CEST
univention-apache (9.0.5-13): dd653b05077d | Bug #45449: use regex patterns for force https exclusion rules univention-apache.yaml: 1b7a972c1caa | YAML Bug #45449 OK: code OK: advisory (improved wording: a0bccdc..6b51f7c) OK: manual test: ucr set apache2/force_https=yes apache2/force_https/exclude/request_uri/test1="/test1/a" apache2/force_https/exclude/request_uri/test2="/test1/b/$" /test1 doesn't exist, so 404 will happen. But if not excluded requests will first be redirected (301). wget --no-check-certificate http://10.200.3.52/test1/ -> 301 wget --no-check-certificate http://10.200.3.52/test1/abc/ -> 404 wget --no-check-certificate http://10.200.3.52/test1/b/ -> 404 wget --no-check-certificate http://10.200.3.52/test1/bc -> 301 |