mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-07-22 20:38:26 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

HTTP: Consider tab as whitespace in field value

Browse Source 
HTTP considers 0x09 (horizontal tab) to be valid horizontal whitespace
in a field value, and there are badly-behaved clients in the wild that
rely on this behavior and cannot be fixed.  This also ensures that NGINX
is not itself such a badly-behaved client and that, for HTTP/1.x
requests, the values of the $http_* variables agree with what upstream
servers will see.

Fixes: #187
This commit is contained in:
Demi Marie Obenour 2025-03-14 21:14:01 -04:00
parent d313056537
commit 1ba504d634
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/http/ngx_http_parse.c
View File

@ -972,6 +972,7 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
case sw_space_before_value: case sw_space_before_value:
switch (ch) { switch (ch) {
case ' ': case ' ':
case '\t':
break; break;
case CR: case CR:
r->header_start = p; r->header_start = p;
@ -996,6 +997,7 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
case sw_value: case sw_value:
switch (ch) { switch (ch) {
case ' ': case ' ':
case '\t':
r->header_end = p; r->header_end = p;
state = sw_space_after_value; state = sw_space_after_value;
break; break;
@ -1016,6 +1018,7 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
case sw_space_after_value: case sw_space_after_value:
switch (ch) { switch (ch) {
case ' ': case ' ':
case '\t':
break; break;
case CR: case CR:
state = sw_almost_done; state = sw_almost_done;