This is an automated email from the ASF dual-hosted git repository. zwoop pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 5cc14357b8ba2e5f151dc4a6a549f20844cb6824 Author: David Calavera <david.calav...@gmail.com> AuthorDate: Sun Nov 5 18:38:17 2017 -0800 Strict checks of RFC7540 8.1.2.2. Treat messages with connection specific fields as malformed. It uses the same list of header fields that are removed when H1 headers are transformed to H2 ones: https://github.com/apache/trafficserver/blob/6dcc822baf23b1ab69c9a2609fc4f65fd9f6c10b/proxy/http2/HTTP2.cc#L570 Signed-off-by: David Calavera <david.calav...@gmail.com> (cherry picked from commit c3ada26c31821684cb04c1c240082fbde201b9a7) --- proxy/http2/HTTP2.cc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/proxy/http2/HTTP2.cc b/proxy/http2/HTTP2.cc index 67af7b6..e8f7bd4 100644 --- a/proxy/http2/HTTP2.cc +++ b/proxy/http2/HTTP2.cc @@ -661,7 +661,11 @@ http2_decode_header_blocks(HTTPHdr *hdr, const uint8_t *buf_start, const uint32_ // rfc7540,sec8.1.2.2: Any message containing connection-specific header // fields MUST be treated as malformed - if (hdr->field_find(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION) != nullptr) { + if (hdr->field_find(MIME_FIELD_CONNECTION, MIME_LEN_CONNECTION) != nullptr || + hdr->field_find(MIME_FIELD_KEEP_ALIVE, MIME_LEN_KEEP_ALIVE) != nullptr || + hdr->field_find(MIME_FIELD_PROXY_CONNECTION, MIME_LEN_PROXY_CONNECTION) != nullptr || + hdr->field_find(MIME_FIELD_TRANSFER_ENCODING, MIME_LEN_TRANSFER_ENCODING) != nullptr || + hdr->field_find(MIME_FIELD_UPGRADE, MIME_LEN_UPGRADE) != nullptr) { return Http2ErrorCode::HTTP2_ERROR_PROTOCOL_ERROR; } -- To stop receiving notification emails like this one, please contact "commits@trafficserver.apache.org" <commits@trafficserver.apache.org>.