[PATCH 4 of 4] HTTP/2: reject HTTP/2 requests with connection-specific headers

Piotr Sikora piotrsikora at google.com
Tue Jun 13 12:19:48 UTC 2017


# HG changeset patch
# User Piotr Sikora <piotrsikora at google.com>
# Date 1490516709 25200
#      Sun Mar 26 01:25:09 2017 -0700
# Node ID e2abc3bc3fc12b788d2631d3c47215acdc4ebbe6
# Parent  6263d68cb96042d8f8974a4a3945226227ce13b9
HTTP/2: reject HTTP/2 requests with connection-specific headers.

Signed-off-by: Piotr Sikora <piotrsikora at google.com>

diff -r 6263d68cb960 -r e2abc3bc3fc1 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -19,6 +19,8 @@ static ngx_int_t ngx_http_alloc_large_he
 
 static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r,
     ngx_table_elt_t *h, ngx_uint_t offset);
+static ngx_int_t ngx_http_process_http1_header_line(ngx_http_request_t *r,
+    ngx_table_elt_t *h, ngx_uint_t offset);
 static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r,
     ngx_table_elt_t *h, ngx_uint_t offset);
 static ngx_int_t ngx_http_process_multi_header_lines(ngx_http_request_t *r,
@@ -146,7 +148,7 @@ ngx_http_header_t  ngx_http_headers_in[]
 
     { ngx_string("Upgrade"),
                  offsetof(ngx_http_headers_in_t, upgrade),
-                 ngx_http_process_header_line },
+                 ngx_http_process_http1_header_line },
 
 #if (NGX_HTTP_GZIP)
     { ngx_string("Accept-Encoding"),
@@ -161,8 +163,13 @@ ngx_http_header_t  ngx_http_headers_in[]
                  offsetof(ngx_http_headers_in_t, authorization),
                  ngx_http_process_unique_header_line },
 
-    { ngx_string("Keep-Alive"), offsetof(ngx_http_headers_in_t, keep_alive),
-                 ngx_http_process_header_line },
+    { ngx_string("Keep-Alive"),
+                 offsetof(ngx_http_headers_in_t, keep_alive),
+                 ngx_http_process_http1_header_line },
+
+    { ngx_string("Proxy-Connection"),
+                 offsetof(ngx_http_headers_in_t, proxy_connection),
+                 ngx_http_process_http1_header_line },
 
 #if (NGX_HTTP_X_FORWARDED_FOR)
     { ngx_string("X-Forwarded-For"),
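Review bot: The table changes in this hunk and the previous one route only Upgrade, Keep-Alive and Proxy-Connection to `ngx_http_process_http1_header_line`; the Connection, Transfer-Encoding and TE entries are not touched by this patch. They are presumably covered by the earlier patches of the series, but that is worth confirming, because Transfer-Encoding in particular carries message-framing meaning if an HTTP/2 request is later relayed over HTTP/1.x. A short comment above these entries, e.g. `/* connection-specific in HTTP/1.x; rejected on HTTP/2 streams */`, would also explain why they use a different handler from their neighbours.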
@@ -1618,6 +1625,35 @@ ngx_http_process_header_line(ngx_http_re
 
 
 static ngx_int_t
+ngx_http_process_http1_header_line(ngx_http_request_t *r, ngx_table_elt_t *h,
+    ngx_uint_t offset)
+{
+    ngx_table_elt_t  **ph;
+
+    ph = (ngx_table_elt_t **) ((char *) &r->headers_in + offset);
+
+    if (*ph == NULL) {
+        *ph = h;
+    }
+
+#if (NGX_HTTP_V2)
+
+    if (r->stream) {
+        ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+                      "client sent HTTP/2 request with \"%V\" header",
+                      &h->key);
+
+        ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
+        return NGX_ERROR;
+    }
+
+#endif
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
 ngx_http_process_unique_header_line(ngx_http_request_t *r, ngx_table_elt_t *h,
     ngx_uint_t offset)
 {
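Review bot: In `ngx_http_process_http1_header_line` the header is stored into `r->headers_in` before the `r->stream` check, so a request that is about to be finalized with 400 still has the field recorded. Moving the `#if (NGX_HTTP_V2)` block ahead of the `ph` assignment would make the reject path free of side effects and easier to read. The store itself appears to repeat what `ngx_http_process_header_line` does (its body is outside this hunk), so after the check the function could end with `return ngx_http_process_header_line(r, h, offset);`. A leading comment such as `/* RFC 7540, 8.1.2.2: connection-specific header fields make an HTTP/2 request malformed */` would record why these headers are rejected.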
diff -r 6263d68cb960 -r e2abc3bc3fc1 src/http/ngx_http_request.h
--- a/src/http/ngx_http_request.h
+++ b/src/http/ngx_http_request.h
@@ -209,6 +209,7 @@ typedef struct {
     ngx_table_elt_t                  *authorization;
 
     ngx_table_elt_t                  *keep_alive;
+    ngx_table_elt_t                  *proxy_connection;
 
 #if (NGX_HTTP_X_FORWARDED_FOR)
     ngx_array_t                       x_forwarded_for;

