curl / Mailing Lists / curl-library / Single Mail

Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Verification of :authority in push promise requests too strict?

From: Christoph M. Becker via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 11 Sep 2019 14:49:27 +0200

Hi!

As of curl 7.64.1 one test case[1] in the PHP test suite is failing,
which is caused by
<https://github.com/curl/curl/pull/3581/commits/228cb2511e00badc78eb2356232b40eee54d0dbc>.

The problem is that the server sends

:authority http2.golang.org

while libcurl expects

:authority http2.golang.org:443

So obviously only the (default) port number is missing. I wonder
whether the check for the :authority pseudo is too strict.

[1]
<https://github.com/php/php-src/blob/php-7.2.22/ext/curl/tests/bug76675.phpt>

--
Christoph M. Becker
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html

Received on 2019-09-11

This message: [ Message body ]
Next message: Jan Ehrhardt via curl-library: "Re: [RELEASE] curl 7.66.0"
Previous message: Christoph M. Becker via curl-library: "Re: [RELEASE] curl 7.66.0"
Next in thread: Daniel Stenberg via curl-library: "Re: Verification of :authority in push promise requests too strict?"
Reply: Daniel Stenberg via curl-library: "Re: Verification of :authority in push promise requests too strict?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]