You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bc...@apache.org on 2020/09/22 15:41:58 UTC

[trafficserver] 02/02: Strip whitespaces after field-name and before the colon in headers from the origin (#7202)

This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

commit 2df801d729377a08b4a605c3d84a778d05c7c56e
Author: Bryan Call <bc...@apache.org>
AuthorDate: Mon Sep 21 11:53:20 2020 -0700

    Strip whitespaces after field-name and before the colon in headers from the origin (#7202)
    
    (cherry picked from commit cf8f025f67ad4c453cde40776da81e8873e0a254)
---
 proxy/hdrs/MIME.cc                                 |  6 ++-
 tests/gold_tests/headers/field_name_space.test.py  | 53 ++++++++++++++++++++++
 .../gold_tests/headers/gold/field_name_space.gold  | 14 ++++++
 3 files changed, 71 insertions(+), 2 deletions(-)

diff --git a/proxy/hdrs/MIME.cc b/proxy/hdrs/MIME.cc
index c2e938d..fb7bd33 100644
--- a/proxy/hdrs/MIME.cc
+++ b/proxy/hdrs/MIME.cc
@@ -2574,12 +2574,14 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
     // whitespace between a header field-name and colon with a response code
     // of 400 (Bad Request).
     // A proxy MUST remove any such whitespace from a response message before
-    // fowarding the message downstream.
+    // forwarding the message downstream.
+    bool raw_print_field = true;
     if (is_ws(field_name.back())) {
       if (!remove_ws_from_field_name) {
         return PARSE_RESULT_ERROR;
       }
       field_name.rtrim_if(&ParseRules::is_ws);
+      raw_print_field = false;
     }
 
     // find value first
@@ -2615,7 +2617,7 @@ mime_parser_parse(MIMEParser *parser, HdrHeap *heap, MIMEHdrImpl *mh, const char
 
     MIMEField *field = mime_field_create(heap, mh);
     mime_field_name_value_set(heap, mh, field, field_name_wks_idx, field_name.data(), field_name.size(), field_value.data(),
-                              field_value.size(), true, parsed.size(), false);
+                              field_value.size(), raw_print_field, parsed.size(), false);
     mime_hdr_field_attach(mh, field, 1, nullptr);
   }
 }
diff --git a/tests/gold_tests/headers/field_name_space.test.py b/tests/gold_tests/headers/field_name_space.test.py
new file mode 100644
index 0000000..559ba17
--- /dev/null
+++ b/tests/gold_tests/headers/field_name_space.test.py
@@ -0,0 +1,53 @@
+'''
+Test on handeling spaces after the field name and before the colon
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+Test.Summary = '''
+Checking  on handeling spaces after the field name and before the colon
+'''
+
+Test.ContinueOnFail = True
+
+# Define default ATS
+ts = Test.MakeATSProcess("ts")
+server = Test.MakeOriginServer("server")
+
+testName = "field_name_space"
+request_header = {
+    "headers": "GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
+    "timestamp": "1469733493.993",
+    "body": ""}
+response_header = {
+    "headers": "HTTP/1.1 200 OK\r\nConnection: close\r\nFoo : 123\r\nFoo: 456\r\n",
+    "timestamp": "1469733493.993",
+    "body": "xxx"}
+server.addResponse("sessionlog.json", request_header, response_header)
+
+ts.Disk.remap_config.AddLine(
+    'map http://www.example.com http://127.0.0.1:{0}'.format(server.Variables.Port)
+)
+
+# Test spaces at the end of the field name and before the :
+tr = Test.AddTestRun()
+tr.Processes.Default.StartBefore(server, ready=When.PortOpen(server.Variables.Port))
+tr.Processes.Default.StartBefore(Test.Processes.ts)
+tr.Processes.Default.Command = 'curl -s -D - -v --ipv4 --http1.1 -H "Host: www.example.com" http://localhost:{0}/'.format(
+    ts.Variables.port)
+tr.Processes.Default.ReturnCode = 0
+tr.Processes.Default.Streams.stderr = "gold/field_name_space.gold"
+tr.StillRunningAfter = ts
diff --git a/tests/gold_tests/headers/gold/field_name_space.gold b/tests/gold_tests/headers/gold/field_name_space.gold
new file mode 100644
index 0000000..bf71178
--- /dev/null
+++ b/tests/gold_tests/headers/gold/field_name_space.gold
@@ -0,0 +1,14 @@
+``
+> GET /``
+> Host: www.example.com``
+> User-Agent: curl/``
+``
+< HTTP/1.1 200 OK
+< Foo: 123
+< Foo: 456
+< Content-Length: 3
+< Date: ``
+< Age: ``
+< Connection: keep-alive
+< Server: ATS/``
+``