BUG/MEDIUM: h2: remove connection-specific headers from request

h2spec rightfully outlines that we used not to reject these ones, and they may cause trouble if presented, especially "upgrade". Must be backported to 1.8.
2017-12-03 20:15:34 +01:00 · 2017-12-03 20:15:34 +01:00 · fe7c356be6
commit fe7c356be6
parent 520886990f
1 changed files with 8 additions and 0 deletions
--- a/src/h2.c
+++ b/src/h2.c
@ -179,6 +179,14 @@ int h2_make_h1_request(struct http_hdr *list, char *out, int osize)
 		if (isteq(list[idx].n, ist("host")))
 			fields |= H2_PHDR_FND_HOST;

+		/* these ones are forbidden in requests (RFC7540#8.1.2.2) */
+		if (isteq(list[idx].n, ist("connection")) ||
+		    isteq(list[idx].n, ist("proxy-connection")) ||
+		    isteq(list[idx].n, ist("keep-alive")) ||
+		    isteq(list[idx].n, ist("upgrade")) ||
+		    isteq(list[idx].n, ist("transfer-encoding")))
+			goto fail;
+
 		if (isteq(list[idx].n, ist("te")) && !isteq(list[idx].v, ist("trailers")))
 			goto fail;