Hi Mark,
On Sun, Mar 26, 2017 at 9:31 PM, <ma...@apache.org> wrote: > Author: markt > Date: Sun Mar 26 19:31:25 2017 > New Revision: 1788771 > > URL: http://svn.apache.org/viewvc?rev=1788771&view=rev > Log: > Additional header validation > Found with the h2spec tool written by Moto Ishizawa. > > Modified: > tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties > tomcat/trunk/java/org/apache/coyote/http2/Stream.java > > Modified: tomcat/trunk/java/org/apache/coyote/http2/LocalStrings. > properties > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/ > coyote/http2/LocalStrings.properties?rev=1788771&r1= > 1788770&r2=1788771&view=diff > ============================================================ > ================== > --- tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties > (original) > +++ tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties Sun > Mar 26 19:31:25 2017 > @@ -74,10 +74,12 @@ pingManager.roundTripTime=Connection [{0 > > stream.closed=Connection [{0}], Stream [{1}], Unable to write to stream > once it has been closed > stream.header.case=Connection [{0}], Stream [{1}], HTTP header name [{2}] > must be in lower case > +stream.header.connection=Connection [{0}], Stream [{1}], HTTP header > [connection] is not permitted in an HTTP/2 request > stream.header.debug=Connection [{0}], Stream [{1}], HTTP header [{2}], > Value [{3}] > stream.header.duplicate=Connection [{0}], Stream [{1}], received > multiple [{3}] headers > stream.header.noPath=Connection [{0}], Stream [{1}], The [:path] pseudo > header was empty > stream.header.required=Connection [{0}], Stream [{1}], One or more > required headers was missing > +stream.header.te=Connection [{0}], Stream [{1}], HTTP header [te] is not > permitted tohave the value [{2}] in an HTTP/2 request > Small typo in "tohave" - misses space. > stream.header.unexpectedPseudoHeader=Connection [{0}], Stream [{1}], > Pseudo header [{2}] received after a regular header > stream.header.unknownPseudoHeader=Connection [{0}], Stream [{1}], > Unknown pseudo header [{2}] received > stream.notWritable=Connection [{0}], Stream [{1}], This stream is not > writable > > Modified: tomcat/trunk/java/org/apache/coyote/http2/Stream.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/ > coyote/http2/Stream.java?rev=1788771&r1=1788770&r2=1788771&view=diff > ============================================================ > ================== > --- tomcat/trunk/java/org/apache/coyote/http2/Stream.java (original) > +++ tomcat/trunk/java/org/apache/coyote/http2/Stream.java Sun Mar 26 > 19:31:25 2017 > @@ -233,6 +233,18 @@ class Stream extends AbstractStream impl > getConnectionId(), getIdentifier(), name)); > } > > + if ("connection".equals(name)) { > + throw new HpackException(sm.getString(" > stream.header.connection", > + getConnectionId(), getIdentifier())); > + } > + > + if ("te".equals(name)) { > + if (!"trailers".equals(value)) { > + throw new HpackException(sm.getString("stream.header.te", > + getConnectionId(), getIdentifier(), value)); > + } > + } > + > if (headerStateErrorMsg != null) { > // Don't bother processing the header since the stream is > going to > // be reset anyway > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > >