Mercurial > hg > nginx-quic
changeset 8616:7416d3b2fac5 quic
HTTP/3: added CONNECT and TRACE methods rejection.
It has got lost in e1eb7f4ca9f1, let alone a subsequent update in 63c66b7cc07c.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 16 Sep 2021 13:13:22 +0300 |
parents | 7603284f7af5 |
children | 9ae239d2547d |
files | src/http/v3/ngx_http_v3_request.c |
diffstat | 1 files changed, 14 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/http/v3/ngx_http_v3_request.c +++ b/src/http/v3/ngx_http_v3_request.c @@ -45,7 +45,8 @@ static const struct { { ngx_string("LOCK"), NGX_HTTP_LOCK }, { ngx_string("UNLOCK"), NGX_HTTP_UNLOCK }, { ngx_string("PATCH"), NGX_HTTP_PATCH }, - { ngx_string("TRACE"), NGX_HTTP_TRACE } + { ngx_string("TRACE"), NGX_HTTP_TRACE }, + { ngx_string("CONNECT"), NGX_HTTP_CONNECT } }; @@ -780,6 +781,18 @@ ngx_http_v3_process_request_header(ngx_h } } + if (r->method == NGX_HTTP_CONNECT) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent CONNECT method"); + ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED); + return NGX_ERROR; + } + + if (r->method == NGX_HTTP_TRACE) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, "client sent TRACE method"); + ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED); + return NGX_ERROR; + } + return NGX_OK; failed: