Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Avoid failing HTTP/2 requests with
upgrade-insecure-requests
(#12799)
Motivation: This is a non-standard header that is not _explicitly_ called out as connection related, even though it can be argued that it is. Regardless, Chrome and Firefox do actually send this header in their HTTP/2 requests, so rejecting these is quite troublesome. Safari doesn't send this header. Modification: Remove the check for `upgrade-insecure-requests` in the header validation in HpackDecoder. Also update tests to match. Result: HTTP/2 requests from Chrome and Firefox are no longer rejected by the header validation. Fixes #12798
- Loading branch information
Showing
2 changed files
with
2 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters