[PATCH 3 of 4] HTTP/2: reject HTTP/2 requests with "Transfer-Encoding" header

Piotr Sikora piotrsikora at google.com
Tue Jun 13 12:19:47 UTC 2017


# HG changeset patch
# User Piotr Sikora <piotrsikora at google.com>
# Date 1490516709 25200
#      Sun Mar 26 01:25:09 2017 -0700
# Node ID 6263d68cb96042d8f8974a4a3945226227ce13b9
# Parent  349648a6f91f9bd5cc80d22390b95c2239a8bfb3
HTTP/2: reject HTTP/2 requests with "Transfer-Encoding" header.

Signed-off-by: Piotr Sikora <piotrsikora at google.com>

diff -r 349648a6f91f -r 6263d68cb960 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -29,6 +29,8 @@ static ngx_int_t ngx_http_process_connec
     ngx_table_elt_t *h, ngx_uint_t offset);
 static ngx_int_t ngx_http_process_te(ngx_http_request_t *r,
     ngx_table_elt_t *h, ngx_uint_t offset);
+static ngx_int_t ngx_http_process_transfer_encoding(ngx_http_request_t *r,
+    ngx_table_elt_t *h, ngx_uint_t offset);
 static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r,
     ngx_table_elt_t *h, ngx_uint_t offset);
 
@@ -136,7 +138,7 @@ ngx_http_header_t  ngx_http_headers_in[]
 
     { ngx_string("Transfer-Encoding"),
                  offsetof(ngx_http_headers_in_t, transfer_encoding),
-                 ngx_http_process_header_line },
+                 ngx_http_process_transfer_encoding },
 
     { ngx_string("Expect"),
                  offsetof(ngx_http_headers_in_t, expect),
@@ -1743,6 +1745,49 @@ ngx_http_process_te(ngx_http_request_t *
 
 
 static ngx_int_t
+ngx_http_process_transfer_encoding(ngx_http_request_t *r, ngx_table_elt_t *h,
+    ngx_uint_t offset)
+{
+    if (r->headers_in.transfer_encoding == NULL) {
+        r->headers_in.transfer_encoding = h;
+    }
+
+#if (NGX_HTTP_V2)
+
+    if (r->stream) {
+        ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+                      "client sent HTTP/2 request with \"Transfer-Encoding\" "
+                      "header");
+
+        ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
+        return NGX_ERROR;
+    }
+
+#endif
+
+    if (h->value.len == 7
+        && ngx_strncasecmp(h->value.data, (u_char *) "chunked", 7) == 0)
+    {
+        r->headers_in.chunked = 1;
+        return NGX_OK;
+    }
+
+    if (h->value.len != 8
+        || ngx_strncasecmp(h->value.data, (u_char *) "identity", 8) != 0)
+    {
+        ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+                      "client sent unknown \"Transfer-Encoding: %V\" header",
+                      &h->value);
+
+        ngx_http_finalize_request(r, NGX_HTTP_NOT_IMPLEMENTED);
+        return NGX_ERROR;
+    }
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
 ngx_http_process_user_agent(ngx_http_request_t *r, ngx_table_elt_t *h,
     ngx_uint_t offset)
 {
@@ -1881,25 +1926,9 @@ ngx_http_process_request_header(ngx_http
         return NGX_ERROR;
     }
 
-    if (r->headers_in.transfer_encoding) {
-        if (r->headers_in.transfer_encoding->value.len == 7
-            && ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
-                               (u_char *) "chunked", 7) == 0)
-        {
-            r->headers_in.content_length = NULL;
-            r->headers_in.content_length_n = -1;
-            r->headers_in.chunked = 1;
-
-        } else if (r->headers_in.transfer_encoding->value.len != 8
-            || ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
-                               (u_char *) "identity", 8) != 0)
-        {
-            ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
-                          "client sent unknown \"Transfer-Encoding\": \"%V\"",
-                          &r->headers_in.transfer_encoding->value);
-            ngx_http_finalize_request(r, NGX_HTTP_NOT_IMPLEMENTED);
-            return NGX_ERROR;
-        }
+    if (r->headers_in.chunked) {
+        r->headers_in.content_length = NULL;
+        r->headers_in.content_length_n = -1;
     }
 
     if (r->headers_in.connection_type == NGX_HTTP_CONNECTION_KEEP_ALIVE) {


More information about the nginx-devel mailing list