pomerium

3pp-mirror/pomerium

Fork 0

mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00

Commit graph

Author	SHA1	Message	Date
Kenneth Jenkins	efe3cef2e4	config: escape % signs in local reply format string (#5460 ) Since v0.26, Pomerium configures Envoy to use a custom HTML error page format string for most errors served by Envoy itself. This format string uses %COMMAND% directives to include details about the error. The HTML error page template also includes any branding options set via the corresponding Enterprise settings. We need to ensure that any % signs in the branding options strings are escaped to %% so that Envoy will not interpret them as the start of a %COMMAND% directive, which could lead to Envoy rejecting the format string as invalid.	2025-02-03 14:31:06 -08:00

Author

SHA1

Message

Date

Kenneth Jenkins

efe3cef2e4

config: escape % signs in local reply format string (#5460 )

Since v0.26, Pomerium configures Envoy to use a custom HTML error page
format string for most errors served by Envoy itself. This format string
uses %COMMAND% directives to include details about the error.

The HTML error page template also includes any branding options set via
the corresponding Enterprise settings. We need to ensure that any %
signs in the branding options strings are escaped to %% so that Envoy
will not interpret them as the start of a %COMMAND% directive, which
could lead to Envoy rejecting the format string as invalid.

2025-02-03 14:31:06 -08:00

1 commit