-
Asad Sajjad Ahmed authored
We should apply the same restrictions on the list of allowed characters inside H/2 pseudo-headers as we do for H/1. This error is translated into the headers we send to a backend over H/1. Failure to do so could permit various exploits against a backend not handling malformed H/1 requests. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
207698a0
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
cache | ||
common | ||
fuzzers | ||
hash | ||
hpack | ||
http1 | ||
http2 | ||
mgt | ||
proxy | ||
storage | ||
waiter | ||
Makefile.am | ||
builtin.vcl | ||
flint.lnt | ||
flint.sh | ||
vclflint.lnt | ||
vclflint.sh |