yknoya opened a new pull request, #12187: URL: https://github.com/apache/trafficserver/pull/12187
# Problem There are cases where chunked requests that do not comply with RFC 9112 are forwarded to the origin server even when `proxy.config.http.strict_chunk_parsing` is set to 1. For example, when sending an invalid chunked body like the one below, the request, including the chunked body, was forwarded to the origin server. ``` POST /post HTTP/1.1\r\n Host: example.com\r\n User-Agent: test\r\n Transfer-Encoding: chunked\r\n \r\n 4\n test\r\n 0\r\n \r\n ``` # Cause The bug is caused by `ChunkedHandler::read_size()`. When the aforementioned chunked request is sent, `ChunkedHandler::read_size()` should be able to determine that the chunked body is invalid when it encounters the '\n' following '4'. However, `ChunkedHandler::read_size()` does not recognize it as invalid and continues processing. Therefore, @maskit and I have fixed it to detect an invalid chunked body when it encounters the '\n' following '4'. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@trafficserver.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
