Hi Marcelo.
I have found bug :)
If traffic server the latest version installed (4.1.2) , i can XSS and
SQL injection make :)
The latest version have vuln :)
I will ddos onw eb site, then the traffic server will caching the web
site, in this time i will read from SQL injection the mysql admin pass :)
I says the latest version have bug :)
This bug is the traffic server geve me allow to run XSS or SQL injection :)
I wait from you reply...
Am 23.01.2014 13:02, schrieb Marcelo Gotesdiner:
Thanks Shaun/Alan,
I just need a guide on what to do now :)
The fix is working in our system so I guess we need to integrate it into ATS.
As I never did it before, I do not know the procedure.
Thanks,
Marcelo
-----Original Message-----
From: Shaun McGinnity [mailto:shaun.mcginn...@owmobility.com]
Sent: Wednesday, January 22, 2014 11:29 PM
To: dev@trafficserver.apache.org
Subject: RE: Support for HTTP Upgrade in transparent proxy
I will be happy to help as well.
Regards,
Shaun
-----Original Message-----
From: Alan M. Carroll [mailto:a...@network-geographics.com]
Sent: Tuesday, January 21, 2014 3:41 PM
To: dev@trafficserver.apache.org
Subject: Re: Support for HTTP Upgrade in transparent proxy
Tuesday, January 21, 2014, 6:01:17 AM, you wrote:
Hi,
I implemented a solution for HTTP Upgrade in ATS under Seamless Access SW (a
Mobixell product).
We'll be happy to contribute with the solution but I don't know what the
procedure is.
I can take point on that. Do you have access to github, or could you file a
JIRA and attach a patch for review?
