BUG/MINOR: h3: reject more chars from the :path pseudo header
Origin: https://git.haproxy.org/?p=haproxy-2.6.git;a=commit;h=
eacaa76e7b0e4182dfd17e1e7ca8c02c1cdab72c
This is the h3 version of this previous fix:
BUG/MINOR: h2: reject more chars from the :path pseudo header
In addition to the current NUL/CR/LF, this will also reject all other
control chars, the space and '#' from the :path pseudo-header, to avoid
taking the '#' for a part of the path. It's still possible to fall back
to the previous behavior using "option accept-invalid-http-request".
Here the :path header value is scanned a second time to look for
forbidden chars because we don't know upfront if we're dealing with a
path header field or another one. This is no big deal anyway for now.
This should be progressively backported to 2.6, along with the
following commits it relies on (the same as for h2):
REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
REORG: http: move has_forbidden_char() from h2.c to http.h
MINOR: ist: add new function ist_find_range() to find a character range
MINOR: http: add new function http_path_has_forbidden_char()
(cherry picked from commit
2e97857a845540887a92029a566deb5b51f61d0b)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
(cherry picked from commit
96dfea858edab8f1f63fa6e4df43f505b81fdad9)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
(cherry picked from commit
97c15782afd9c70281ff0c72971485227494cc12)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>
Gbp-Pq: Name BUG-MINOR-h3-reject-more-chars-from-the-path-pseudo-.patch
projects / haproxy.git / commit