Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 8423:833898b35b24 quic
Decoupled validation of Host and :authority for HTTP/2 and HTTP/3.
Previously an error was triggered for HTTP/2 when host with port was passed
by client.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Tue, 02 Jun 2020 15:59:14 +0300 |
| parents | 2bf17a829ddc |
| children | c9538aef3211 |
comparison
equal
deleted
inserted
replaced
| 8422:90b02ff6b003 | 8423:833898b35b24 |
|---|---|
| 2063 "client sent HTTP/1.1 request without \"Host\" header"); | 2063 "client sent HTTP/1.1 request without \"Host\" header"); |
| 2064 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); | 2064 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); |
| 2065 return NGX_ERROR; | 2065 return NGX_ERROR; |
| 2066 } | 2066 } |
| 2067 | 2067 |
| 2068 if (r->http_version >= NGX_HTTP_VERSION_20) { | 2068 if (r->headers_in.host == NULL && r->http_version == NGX_HTTP_VERSION_20) { |
| 2069 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | |
| 2070 "client sent HTTP/2 request without " | |
| 2071 "\":authority\" or \"Host\" header"); | |
| 2072 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); | |
| 2073 return NGX_ERROR; | |
| 2074 } | |
| 2075 | |
| 2076 if (r->http_version == NGX_HTTP_VERSION_30) { | |
| 2069 if (r->headers_in.server.len == 0) { | 2077 if (r->headers_in.server.len == 0) { |
| 2070 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | 2078 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, |
| 2071 "client sent HTTP request without " | 2079 "client sent HTTP/3 request without " |
| 2072 "\":authority\" or \"Host\" header"); | 2080 "\":authority\" or \"Host\" header"); |
| 2073 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); | 2081 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); |
| 2074 return NGX_ERROR; | 2082 return NGX_ERROR; |
| 2075 } | 2083 } |
| 2076 | 2084 |
| 2080 r->headers_in.server.data, | 2088 r->headers_in.server.data, |
| 2081 r->headers_in.server.len) | 2089 r->headers_in.server.len) |
| 2082 != 0) | 2090 != 0) |
| 2083 { | 2091 { |
| 2084 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | 2092 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, |
| 2085 "client sent HTTP request with different " | 2093 "client sent HTTP/3 request with different " |
| 2086 "values of \":authority\" and \"Host\" headers"); | 2094 "values of \":authority\" and \"Host\" headers"); |
| 2087 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); | 2095 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); |
| 2088 return NGX_ERROR; | 2096 return NGX_ERROR; |
| 2089 } | 2097 } |
| 2090 } | 2098 } |