mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-07-24 14:16:20 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Disabled HTTP/1.0 requests with Transfer-Encoding.

Browse Source 
The latest HTTP/1.1 draft describes Transfer-Encoding in HTTP/1.0 as having
potentially faulty message framing as that could have been forwarded without
handling of the chunked encoding, and forbids processing subsequest requests
over that connection: https://github.com/httpwg/http-core/issues/879.

While handling of such requests is permitted, the most secure approach seems
to reject them.
This commit is contained in:
Sergey Kandaurov 2021-08-09 18:12:12 +03:00
parent 02bd43d05b
commit 7bcb50c061
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/http/ngx_http_request.c
View File

@ -1983,6 +1983,14 @@ ngx_http_process_request_header(ngx_http_request_t *r)
}
if (r->headers_in.transfer_encoding) {
if (r->http_version < NGX_HTTP_VERSION_11) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent HTTP/1.0 request with "
"\"Transfer-Encoding\" header");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
if (r->headers_in.transfer_encoding->value.len == 7
&& ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
(u_char *) "chunked", 7) == 0)