Feature #6374
closed
Sticky buffers for sip headers
Added by Giuseppe Longo about 1 year ago.
Updated about 1 month ago.
Description
A common attack on sip servers consists of putting SQL injection or JS code into request headers.
Implementing sticky buffers that inspects on headers will permit to detect those attacks.
I propose to start adding keywords for the following fields:
- Via
- From
- To
- User-agent
- Content-type
- Content-length
- Target version changed from 8.0.0 to 8.0.0-beta1
- Status changed from New to In Progress
- Status changed from In Progress to In Review
Philippe Antoine wrote in #note-2:
Why not a generic sip.request_header keyword ? whose buffer would be name+value like http.request_header
Sometimes the inclusion of the header name requires different content logic that is cumbersome. Perhaps sip would be a good target for initial implementation of dynamic sticky buffers as mentioned in #5775?
- Status changed from In Review to Closed
Also available in: Atom
PDF