Mantis Bugtracker

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0006162 [Resin] feature always 05-08-18 12:57 06-06-18 16:59
Reporter stbu View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 4.0.56
Summary 0006162: Feature-Request: New rewrite condition such as <resin:IfProtocolVersion> for TLS Protocol Version
Description The access logging of the TLS Protocol Version and the used Cipher-Suite (see 0006113) has helped us a lot to figure out how much traffic is using an outdated TLS Protocol (TLSv1) and partially made it possible to get in touch with people/companies.

If the TLS protocol version would be available as a URL Rewrite condition such as <resin:IfProtocolVersion> with a regexp and/or value attribute it would be possible to perform a check and forward on a commonly used page such as a login page.
Additional Information For example: [^]

Would trigger such a rewrite when used with a "TLSv1" (value in access-logging when TLSv1.0 is used) connection:

 <resin:Redirect regexp='^/login' target='/warn-outdated-tls-version.jsp'>
     <resin:IfProtocolVersion value="TLSv1"/>
     <resin:IfQueryParam name="check-tls-version" value="true"/>

On the warn-outdated-tls-version.jsp one could have a detailed explanation with a link to bypass such condition and continue with regular login: [^] having a link to login with [^]
Attached Files

- Relationships

- Notes
06-06-18 16:59


- Issue History
Date Modified Username Field Change
05-08-18 12:57 stbu New Issue
05-08-18 12:57 stbu Issue Monitored: stbu
06-06-18 16:59 ferg Note Added: 0006839
06-06-18 16:59 ferg Assigned To  => ferg
06-06-18 16:59 ferg Status new => closed
06-06-18 16:59 ferg Resolution open => fixed
06-06-18 16:59 ferg Fixed in Version  => 4.0.57

Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed.
27 unique queries executed.
Powered by Mantis Bugtracker