TWSD-1095 - Security Alert: Command injection via cookie data
Review Request #1062 — Created Sept. 17, 2025 and submitted — Latest diff uploaded
| Information | |
|---|---|
| shuinvy | |
| AG | |
| rel_ag_9_4_5 | |
| TWSD-1095 | |
| Reviewers | |
| atlas, evalin, jasonchou, milliechou, peteryeh, timlai, timsu | |
Add logs for cookie data under /ca/aproxy directory
- Add new function to get cookie and log cookie data (The log is rotated, max 200 MB)
- Replace $_COOKIE by my function get_cookie_and_log
- Add my log (/var/log/aproxy_cookie.log) to sys_log compression file
- Add some command line to system.log in sys_snap compression file