[PATCH] HTTP/2: reject HTTP/2 requests with "Connection" header
Valentin V. Bartenev
vbart at nginx.com
Thu Jun 8 15:17:38 UTC 2017
On Sunday 26 March 2017 01:41:18 Piotr Sikora via nginx-devel wrote:
> # HG changeset patch
> # User Piotr Sikora <piotrsikora at google.com>
> # Date 1490516709 25200
> # Sun Mar 26 01:25:09 2017 -0700
> # Node ID b8daccea5fde213d4b7a10fa9f57070ab3b6a1ec
> # Parent 22be63bf21edaa1b8ea916c7d8cd4e5fe4892061
> HTTP/2: reject HTTP/2 requests with "Connection" header.
>
> While there, populate r->headers_in.connection.
>
> Signed-off-by: Piotr Sikora <piotrsikora at google.com>
>
> diff -r 22be63bf21ed -r b8daccea5fde src/http/ngx_http_request.c
> --- a/src/http/ngx_http_request.c
> +++ b/src/http/ngx_http_request.c
> @@ -1659,6 +1659,22 @@ static ngx_int_t
> ngx_http_process_connection(ngx_http_request_t *r, ngx_table_elt_t *h,
> ngx_uint_t offset)
> {
> + if (r->headers_in.connection == NULL) {
> + r->headers_in.connection = h;
> + }
> +
> +#if (NGX_HTTP_V2)
> +
> + if (r->http_version >= NGX_HTTP_VERSION_20) {
> + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
> + "client sent HTTP/2 request with \"Connection\" header");
> +
> + ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
> + return NGX_ERROR;
> + }
> +
> +#endif
> +
> if (ngx_strcasestrn(h->value.data, "close", 5 - 1)) {
> r->headers_in.connection_type = NGX_HTTP_CONNECTION_CLOSE;
>
Since HTTP/2 is a separate protocol and not just GET / HTTP/2.0, so
the r->stream pointer should be tested instead (like in many other
places).
wbr, Valentin V. Bartenev
More information about the nginx-devel
mailing list