Fix for issue 857: RFC-7230 compliant forwarding of client certificates
Flemming Frandsen
dren.dk at gmail.com
Mon Nov 28 09:20:28 UTC 2016
On Fri, Nov 25, 2016 at 12:58 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Another possible approach might be to change $ssl_client_cert to
> use spaces (tabs?) instead of newline + tab. This should be
> compatible with what most servers provide as a result of parsing
> multi-line header, and implies less changes. This needs an
> additional investigation though.
>
Hi, I've found some more support for doing exactly this:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2
"
Any LWS that occurs between field-content MAY be replaced with a single SP
before interpreting the field value or forwarding the message downstream.
"
As far as I know LWS includes the newline-whitespace sequence.
It seems to me quite clear that any compliant interpreter of header values
should be insensitive to the switch from any amount of linear white space
ce to a single space within the header value.
--
Flemming Frandsen - YAPH - http://osaa.dk - http://dren.dk/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20161128/03485b43/attachment.html>
More information about the nginx-devel
mailing list