Problems with HTTP/2
Valentin V. Bartenev
vbart at nginx.com
Tue Sep 29 23:07:06 UTC 2015
On Tuesday 29 September 2015 14:14:44 Aapo Talvensaari wrote:
> On 29 September 2015 at 13:38, Sergey Kandaurov <pluknet at nginx.com> wrote:
> > So, the header field name output as generated with php
> > (and previously guessed by Valentin),
> > is invalid as per 7230, which is in turn referenced in 7540.
> >
> > : field-name = token
> > : token = 1*tchar
> > : tchar = "!" / "#" / "quot; / "%" / "&" / "'" / "*" / "+" / "-" / "." /
> > : "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
> >
> > Not much to discuss.
>
> Even if it works just fine with every browser and every other protocol in
> Nginx than
> HTTP/2? I kinda agree, but being in sense "be liberal what you accept, be
> conservative on what you send", it may make the issue still a worth to
> solve.
>
> Also it should be checked what happens here on the Nginx itself as this may even
> be a possible bug. Why doesn't it reply with something like internal sever
> error or something in that case? I mean, in worst case this might be a source for a security bug (note: I'm not saying it is).
NGINX doesn't reply anything special about this header in HTTP/2.
The behavior you see is on the client side.
wbr, Valentin V. Bartenev
More information about the nginx
mailing list