New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http2: Don't send header fields prohibited by HTTP/2 spec #1092
http2: Don't send header fields prohibited by HTTP/2 spec #1092
Conversation
Previously, we just ignored "Connection" header field. But HTTP/2 specification actually prohibits few more header fields. This commit ignores all of them so that we don't send these bad header fields.
@tatsuhiro-t, thanks for your PR! By analyzing the history of the files in this pull request, we identified @Andersbakken, @jay and @bagder to be potential reviewers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
trailers can be anywhere so I think we will have to account for this, for example
TE: trailers, deflate
TE: deflate, trailers;qabc
Good point.. Yes, we need to parse it. Does curl have convenient function to parse this comma separated list header fields? |
hm offhand I can't think of one. There's always strtok_r. Also I don't think we have to check for the semi-colon in trailers if I'm reading this right:
|
Thank you. I ended up not to use strtok_r since it requires NULL-terminated string, and it replaces delimiter with NUL byte. Instead, I added hand crafted "trailers" detection code. |
Oops I forgot about that. Your changes just landed. I made a few corrections:
Thanks! |
The commit looks good. Thank you for merging this. |
Previously, we just ignored "Connection" header field. But HTTP/2
specification actually prohibits few more header fields. This commit
ignores all of them so that we don't send these bad header fields.