Comment 109 for bug 1409142
Revision history for this message
| Dave McCowan (dave-mccowan) wrote Re: Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259) | #109 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
I uploaded the correct patch uploaded this time. I miss Gerrit. :-)
If we consider console-type as part of the request, then any error (bad-token, bad-headers, bad-access-path, or bad-conosle-type) should all behave the same. Based on the pre-existing code, in each case they should raise an exception and not make a separate logging call.