[PATCH 00 of 20] multiple headers handling

Maxim Dounin mdounin at mdounin.ru
Wed Apr 20 22:18:40 UTC 2022


The following patch series is expected to resolve issues with multiple
headers with identical names.  In particular, the following Trac tickets
are fixed:

Nginx doesn't sanitize and is inconsistent with multiple, repeated input headers

$http_ variables only contain the first field-value

$upstream_http_set_cookie includes only first cookie

response vary headers not used in the cache key

Multiple WWW-Authenticate headers

The basic idea is that all headers are linked lists now, which makes
it possible to easily concatenate multiple headers without introducing
arrays, as it was previously done with Cookie and X-Forwarded-For request
headers and Cache-Control, Link, and Set-Cookie response headers.

Futher, such approach makes it possible to easily concatenate unknown
headers at runtime, so it makes it possible to properly merge headers
passed to CGI-like backends.

Review and testing appreciated.

Maxim Dounin

More information about the nginx-devel mailing list