[GitHub] [trafficserver] maskit commented on a diff in pull request #8963: Http2 to origin

Mon, 08 Aug 2022 22:43:02 -0700 


maskit commented on code in PR #8963:
URL: https://github.com/apache/trafficserver/pull/8963#discussion_r940918841


##########
proxy/http2/HTTP2.cc:
##########
@@ -599,6 +610,9 @@ http2_convert_header_from_1_1_to_2(HTTPHdr *headers)
       } else {
         field->value_set(headers->m_heap, headers->m_mime, value, value_len);
       }
+      // Remove the host header field, redundant to the authority field
+      // For istio/envoy, having both was causing 404 responses

Review Comment:
   This is interesting, because RFC 9113 says:
   
   > An intermediary that forwards a request over HTTP/2 MAY retain any
         Host header field.
   
   Removing `Host` header should be fine, but I wonder why it causes 404. It 
could be because of mismatch between the generated `:authority` pseudo header 
and the retained `Host` header.
   
   The RFC also says:
   
   > Clients MUST NOT generate a request with a Host header field that
         differs from the ":authority" pseudo-header field.  A server
         SHOULD treat a request as malformed if it contains a Host header
         field that identifies an entity that differs from the entity in
         the ":authority" pseudo-header field.
   
   > An intermediary that forwards a request over HTTP/2 MUST construct
         an ":authority" pseudo-header field using the authority
         information from the control data of the original request, unless
         the original request's target URI does not contain authority
         information (in which case it MUST NOT generate ":authority").
         Note that the Host header field is not the sole source of this
         information; see Section 7.2 of 
[[HTTP](https://datatracker.ietf.org/doc/html/rfc9113#ref-HTTP)].
   
   and ATS does gather the information from the request line if available. We 
might want to check generated `:authority` is really appropriate.
   
   I don't remember why we didn't remove `Host` header. There may be no reason, 
but it might be because removing it is unnecessary/optional.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to