mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From haosdent huang <haosd...@gmail.com>
Subject Re: Review Request 52105: Prevent `/redirect/foo` loop.
Date Wed, 28 Sep 2016 17:42:17 GMT


> On Sept. 24, 2016, 8:02 p.m., haosdent huang wrote:
> > src/master/http.cpp, lines 2046-2048
> > <https://reviews.apache.org/r/52105/diff/3/?file=1509354#file1509354line2046>
> >
> >     Hi, @drcrallen This comment is not true. As https://github.com/apache/mesos/blob/master/src/master/http.cpp#L427-L429,
we use `::redirect` to redirect any path to the leading master internally. So the `request.url.path`
may be anything here. This is why I suggest to change to 
> >     
> >     ```
> >     diff --git a/src/master/http.cpp b/src/master/http.cpp
> >     index e9f9d16..c77229a 100644
> >     --- a/src/master/http.cpp
> >     +++ b/src/master/http.cpp
> >     @@ -2038,6 +2038,11 @@ Future<Response> Master::Http::redirect(const Request&
request) const
> >          // When request url is '/redirect' or '/master/redirect', redirect to the
> >          // base url of leading master to avoid infinite redirect loop.
> >          return TemporaryRedirect(basePath);
> >     +  } else if (strings::startsWith(request.url.path, "/redirect/") ||
> >     +             strings::startsWith(request.url.path,
> >     +                                 "/" + master->self().id + "/redirect/"))
{
> >     +    // Stop redirection here to avoid fall into an infinite redirection loop.
> >     +    return NotFound();
> >        } else {
> >     ```
> >     
> >     in the previous comment.
> 
> Charles Allen wrote:
>     Sure, I can do that.

Many thanks!


- haosdent


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52105/#review150311
-----------------------------------------------------------


On Sept. 23, 2016, 6:04 p.m., Charles Allen wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52105/
> -----------------------------------------------------------
> 
> (Updated Sept. 23, 2016, 6:04 p.m.)
> 
> 
> Review request for mesos and Vinod Kone.
> 
> 
> Bugs: MESOS-6210
>     https://issues.apache.org/jira/browse/MESOS-6210
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> Prevent `/redirect/foo` loop.
> 
> 
> Diffs
> -----
> 
>   src/master/http.cpp 9005e7c308d5f57c6f5c573951d468a3ba730740 
> 
> Diff: https://reviews.apache.org/r/52105/diff/
> 
> 
> Testing
> -------
> 
> Single Node started with `./src/mesos-master --work_dir=/tmp/mesos`
> 
> 
> ```
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/redirect
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /redirect HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 307 Temporary Redirect
> < Date: Fri, 23 Sep 2016 17:30:17 GMT
> < Location: //10.17.97.185:5050
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/redirect/
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /redirect/ HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:19 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/redirect/foo
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /redirect/foo HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:21 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/redirect_foo
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /redirect_foo HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:23 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/master/redirect/
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /master/redirect/ HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:49 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/master/redirect
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /master/redirect HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 307 Temporary Redirect
> < Date: Fri, 23 Sep 2016 17:30:50 GMT
> < Location: //10.17.97.185:5050
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/master/redirect_foo
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /master/redirect_foo HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:53 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> Charless-MacBook-Pro:~ charlesallen$ curl -v http://127.0.0.1:5050/master/redirect/foo
> *   Trying 127.0.0.1...
> * Connected to 127.0.0.1 (127.0.0.1) port 5050 (#0)
> > GET /master/redirect/foo HTTP/1.1
> > Host: 127.0.0.1:5050
> > User-Agent: curl/7.43.0
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 23 Sep 2016 17:30:55 GMT
> < Content-Length: 0
> <
> * Connection #0 to host 127.0.0.1 left intact
> ```
> 
> It is worth noting that in this PR /master/redirect/  and /redirect/ return 404, not
307. This behavior is consistent with master.
> 
> 
> Thanks,
> 
> Charles Allen
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message