Commit 3643aab3 authored by Dag Haavi Finstad's avatar Dag Haavi Finstad Committed by Dridi Boukelmoune

h2: Allow :path * for OPTIONS

Conflicts:
	bin/varnishd/http2/cache_http2_proto.c
parent e9edf57b
......@@ -135,8 +135,9 @@ h2h_addhdr(struct h2h_decode *d, struct http *hp, char *b, size_t namelen,
disallow_empty = 1;
// rfc7540,l,3060,3071
if ((len > 0 && *b != '/') ||
(len > 1 && *(b+1) == '/')) {
if (((len > 0 && *b != '/') ||
(len > 1 && *(b+1) == '/')) &&
(strncmp(b, "*", len) != 0)) {
VSLb(hp->vsl, SLT_BogoHeader,
"Illegal :path pseudo-header %.*s",
(int)len, b);
......
......@@ -687,6 +687,13 @@ h2_end_headers(struct worker *wrk, struct h2_sess *h2,
AN(req->http->hd[HTTP_HDR_PROTO].b);
if (*req->http->hd[HTTP_HDR_URL].b == '*' &&
(Tlen(req->http->hd[HTTP_HDR_METHOD]) != 7 ||
strncmp(req->http->hd[HTTP_HDR_METHOD].b, "OPTIONS", 7))) {
VSLb(h2->vsl, SLT_BogoHeader, "Illegal :path pseudo-header");
return (H2SE_PROTOCOL_ERROR); //rfc7540,l,3068,3071
}
req->req_step = R_STP_TRANSPORT;
req->task.func = h2_do_req;
req->task.priv = req;
......
......@@ -27,3 +27,43 @@ client c1 {
} -run
} -run
client c1 {
stream 3 {
txreq -noadd -hdr ":authority" "foo.com" -hdr ":path" "*a" -hdr ":scheme" "http" -hdr ":method" "GET"
rxrst
expect rst.err == PROTOCOL_ERROR
} -run
} -run
client c1 {
stream 1 {
txreq -noadd -hdr ":authority" "foo.com" -hdr ":path" "*" -hdr ":scheme" "http" -hdr ":method" "GET"
rxrst
expect rst.err == PROTOCOL_ERROR
} -run
} -run
client c1 {
stream 1 {
txreq -noadd -hdr ":authority" "foo.com" -hdr ":path" "*" -hdr ":scheme" "http" -hdr ":method" "OPTIONS"
rxresp
expect resp.status == 200
} -run
} -run
client c1 {
stream 1 {
txreq -noadd -hdr ":authority" "foo.com" -hdr ":path" "*" -hdr ":scheme" "http" -hdr ":method" "OPTIONs"
rxrst
expect rst.err == PROTOCOL_ERROR
} -run
} -run
client c1 {
stream 1 {
txreq -noadd -hdr ":authority" "foo.com" -hdr ":path" "*" -hdr ":scheme" "http" -hdr ":method" "OPTIONSx"
rxrst
expect rst.err == PROTOCOL_ERROR
} -run
} -run
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment