Skip to content

gmo-ierae/CVE-2024-26144-test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.vscode
.vscode
 
 
apache
apache
 
 
haproxy
haproxy
 
 
nginx
nginx
 
 
passenger
passenger
 
 
rails-app
rails-app
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
check.ts
check.ts
 
 

Repository files navigation

CVE-2024-26144-test

Requirement:

  • Docker compose
  • Deno
$ deno run --allow-run --allow-net check.ts

If you want to test CDN, please set the URL in argument.

(Make sure all caches are purged before run!)

$ deno run --allow-run --allow-net check.ts https://example.com/

Results

If HTTP response contains Set-Cookie header...

Web server Response cached (*1) Cache contains Set-Cookie
Nginx + proxy_cache NO -
Nginx + Passenger YES YES
Apache + mod_cache YES YES
HAProxy YES YES
Cloudflare (Free plan) NO -
CloudFront (CachingOptimized) YES NO
CloudFront (UseOriginCacheControlHeaders) NO -
Fastly NO -

*1 It is the result of whether the cache works for anonymous user. Even if it says NO, it may return cache for the request with same cookie.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

11 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages