| Anonymous | Login | Signup for a new account | 04-20-2024 05:21 PDT |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0006162 | [Resin] | feature | always | 05-08-18 12:57 | 06-06-18 16:59 | ||||
| Reporter | stbu | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | normal | Resolution | fixed | Platform | |||||
| Status | closed | OS | |||||||
| Projection | none | OS Version | |||||||
| ETA | none | Fixed in Version | 4.0.57 | Product Version | 4.0.56 | ||||
| Product Build | |||||||||
| Summary | 0006162: Feature-Request: New rewrite condition such as <resin:IfProtocolVersion> for TLS Protocol Version | ||||||||
| Description |
The access logging of the TLS Protocol Version and the used Cipher-Suite (see 0006113) has helped us a lot to figure out how much traffic is using an outdated TLS Protocol (TLSv1) and partially made it possible to get in touch with people/companies. If the TLS protocol version would be available as a URL Rewrite condition such as <resin:IfProtocolVersion> with a regexp and/or value attribute it would be possible to perform a check and forward on a commonly used page such as a login page. |
||||||||
| Steps To Reproduce | |||||||||
| Additional Information |
For example: https://www.example.com/login?check-tls-version=true [^] Would trigger such a rewrite when used with a "TLSv1" (value in access-logging when TLSv1.0 is used) connection: <resin:Redirect regexp='^/login' target='/warn-outdated-tls-version.jsp'> <resin:And> <resin:IfProtocolVersion value="TLSv1"/> <resin:IfQueryParam name="check-tls-version" value="true"/> </resin:And> </resin:Redirect> On the warn-outdated-tls-version.jsp one could have a detailed explanation with a link to bypass such condition and continue with regular login: https://www.example.com/warn-outdated-tls-version.jsp [^] having a link to login with https://www.example.com/login?check-tls-version=false [^] |
||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0006839) ferg 06-06-18 16:59 |
server/1kf5 |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 05-08-18 12:57 | stbu | New Issue | |
| 05-08-18 12:57 | stbu | Issue Monitored: stbu | |
| 06-06-18 16:59 | ferg | Note Added: 0006839 | |
| 06-06-18 16:59 | ferg | Assigned To | => ferg |
| 06-06-18 16:59 | ferg | Status | new => closed |
| 06-06-18 16:59 | ferg | Resolution | open => fixed |
| 06-06-18 16:59 | ferg | Fixed in Version | => 4.0.57 |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed. 27 unique queries executed. |  |
