reject content-length with transfer-encoding regardless of order#3098
Open
sahvx655-wq wants to merge 1 commit into
Open
reject content-length with transfer-encoding regardless of order#3098sahvx655-wq wants to merge 1 commit into
sahvx655-wq wants to merge 1 commit into
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #3098 +/- ##
===========================================
- Coverage 93.28% 93.26% -0.03%
===========================================
Files 177 177
Lines 13750 13751 +1
===========================================
- Hits 12827 12825 -2
- Misses 923 926 +3
... and 1 file with indirect coverage changes Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
do_field already treats Content-Length and Transfer-Encoding as mutually exclusive, but only catches the conflict for some header orderings. I was going back over the conflict handling after the recent framing work and the two branches are not symmetric: the Transfer-Encoding branch bails out when flagContentLength is set, and the Content-Length branch bails out when flagChunked is set, yet a Transfer-Encoding whose coding does not resolve to chunked (say
Transfer-Encoding: gzip) records no flag at all. SoTransfer-Encoding: gzipfollowed byContent-Length: 5is accepted and framed by the Content-Length, while the very same two fields in the opposite order are rejected with bad_transfer_encoding.Header field order deciding whether a request is rejected is the Content-Length / Transfer-Encoding desync that RFC 7230 3.3.3 forbids: a front-end that honours the Transfer-Encoding and Beast honouring the Content-Length disagree about where the body ends, which is a request smuggling primitive. I record the presence of any Transfer-Encoding in a new flag and reject a following Content-Length, so the conflict is caught at whichever field completes it no matter the order or the coding. The check stays in do_field next to the existing conflict logic so finish_header still sees a consistent flag set. The regression test exercises both orderings.