Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More strict parsing of initial line / http headers #10058

Merged
merged 2 commits into from Feb 26, 2020
Merged

More strict parsing of initial line / http headers #10058

merged 2 commits into from Feb 26, 2020

Conversation

normanmaurer
Copy link
Member

Motivation:

Our parsing of the initial line / http headers did treat some characters as separators which should better trigger an exception during parsing.

Modifications:

  • Tighten up parsing of the inital line by follow recommentation of RFC7230
  • Restrict separators to OWS for http headers
  • Add unit test

Result:

Stricter parsing of HTTP1

@normanmaurer
More strict parsing of initial line / http headers
592fdb3 
Motivation:

Our parsing of the initial line / http headers did treat some characters as separators which should better trigger an exception during parsing.

Modifications:

- Tighten up parsing of the inital line by follow recommentation of RFC7230
- Restrict separators to OWS for http headers
- Add unit test

Result:

Stricter parsing of HTTP1
@normanmaurer
Copy link
Member Author

/cc @violetagg

@normanmaurer normanmaurer added this to the 4.1.46.Final milestone Feb 24, 2020
@normanmaurer normanmaurer merged commit 9ae782d into 4.1 Feb 26, 2020
@normanmaurer normanmaurer deleted the http_parsing branch February 26, 2020 08:50
normanmaurer added a commit that referenced this pull request Feb 26, 2020
@normanmaurer
More strict parsing of initial line / http headers (#10058)
4a07f1c 
Motivation:

Our parsing of the initial line / http headers did treat some characters as separators which should better trigger an exception during parsing.

Modifications:

- Tighten up parsing of the inital line by follow recommentation of RFC7230
- Restrict separators to OWS for http headers
- Add unit test

Result:

Stricter parsing of HTTP1
ihanyong pushed a commit to ihanyong/netty that referenced this pull request Jul 31, 2020
@normanmaurer @ihanyong
More strict parsing of initial line / http headers (netty#10058)
7b0fd19 
Motivation:

Our parsing of the initial line / http headers did treat some characters as separators which should better trigger an exception during parsing.

Modifications:

- Tighten up parsing of the inital line by follow recommentation of RFC7230
- Restrict separators to OWS for http headers
- Add unit test

Result:

Stricter parsing of HTTP1
@dependabot dependabot bot mentioned this pull request Mar 10, 2021
Open
@vivdesh vivdesh mentioned this pull request Aug 2, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Bennett-Lynch Bennett-Lynch Bennett-Lynch left review comments

@bryce-anderson bryce-anderson bryce-anderson approved these changes

@NiteshKant NiteshKant Awaiting requested review from NiteshKant

@idelpivnitskiy idelpivnitskiy Awaiting requested review from idelpivnitskiy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
4.1.46.Final
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@normanmaurer @bryce-anderson @Bennett-Lynch