mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 04:07:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

http3: reject unknown pseudo headers (#3973)

Browse source
This commit is contained in:
Marten Seemann 2023-07-18 22:42:26 -07:00 committed by GitHub
parent b6dbfc8c06
commit 5ae28928db
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
http3/headers.go
View file

@ -60,6 +60,8 @@ func parseHeaders(headers []qpack.HeaderField, isRequest bool) (header, error) {
case ":status":
hdr.Status = h.Value
isResponsePseudoHeader = true
default:
return header{}, fmt.Errorf("unknown pseudo header: %s", h.Name)
}
if isRequest && isResponsePseudoHeader {
return header{}, fmt.Errorf("invalid request pseudo header: %s", h.Name)

11
http3/headers_test.go
View file

@ -44,6 +44,17 @@ var _ = Describe("Request", func() {
Expect(err).To(MatchError("header field is not lower-case: Content-Length"))
})
It("rejects unknown pseudo headers", func() {
headers := []qpack.HeaderField{
{Name: ":path", Value: "/foo"},
{Name: ":authority", Value: "quic.clemente.io"},
{Name: ":method", Value: "GET"},
{Name: ":foo", Value: "bar"},
}
_, err := requestFromHeaders(headers)
Expect(err).To(MatchError("unknown pseudo header: :foo"))
})
It("rejects invalid field names", func() {
headers := []qpack.HeaderField{
{Name: ":path", Value: "/foo"},