Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #30001 Reject SVN requests without Authorization header as soon as possible
    Actions
    Infos
    #30001
    Thomas Gerbet (tgerbet)
    2022-12-21 17:57
    2022-12-21 14:01
    31598
    Details
    Reject SVN requests without Authorization header as soon as possible

    Currently when a SVN request comes in it is forwarded to the PHP backend so we can check if it is authorized. This is not really needed when no Authorization header is provided since we know the request is going to be rejected. This sort of requests happen even in a legitimate situations, SVN clients tries to access resources without providing credentials first.

    We can save some resources by rejecting those requests directly at the nginx level to avoid reaching out to the PHP backend.

    SCM/Subversion
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2022-12-21
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #29214 Tuleap Releases 14.4 Delivered 2023-01-05 15:24 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #30001

    Git commit

    tuleap/tuleap/stable

    Closes request #30001: Reject SVN requests without Authorization header as soon as possible f2baf6b9d1
    User avatar Thomas Gerbet (tgerbet) , 2022-12-21 14:02
    Merge commit 'refs/changes/03/27503/1' of ssh://gerrit.tuleap.net:29418/tuleap 8aa5de4743
    User avatar Manuel Vacelet (vaceletm) , 2022-12-21 17:55
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2022-12-21 14:06

    See gerrit #27503.

    • Original Submission
      Something went wrong, the follow up content couldn't be loaded
      Only formatting have been changed, you should switch to markup to see the changes
    • Status changed from Under implementation to Under review