-
Asad Sajjad Ahmed authored
We should apply the same restrictions on the list of allowed characters inside H/2 pseudo-headers as we do for H/1. This error is translated into the headers we send to a backend over H/1. Failure to do so could permit various exploits against a backend not handling malformed H/1 requests. Signed-off-by: Asad Sajjad Ahmed <asadsa@varnish-software.com>
687ffb64
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
cache_http2.h | ||
cache_http2_deliver.c | ||
cache_http2_hpack.c | ||
cache_http2_panic.c | ||
cache_http2_proto.c | ||
cache_http2_send.c | ||
cache_http2_session.c |