Posted to issues@trafficserver.apache.org by "Masakazu Kitajo (JIRA)" <ji...@apache.org> on 2015/11/12 22:26:10 UTC

[jira] [Created] (TS-4019) Headers passed via HTTP/2 should be validated before passing to FetchSM

Masakazu Kitajo created TS-4019:
-----------------------------------

             Summary: Headers passed via HTTP/2 should be validated before passing to FetchSM
                 Key: TS-4019
                 URL: https://issues.apache.org/jira/browse/TS-4019
             Project: Traffic Server
          Issue Type: Bug
          Components: HTTP/2
            Reporter: Masakazu Kitajo


HTTP/2 header fields that contain invalid characters must not be passed to an origin server via HTTP/1.1; a request containing them must be treated as a protocol error.

{quote}
10.3.  Intermediary Encapsulation Attacks

   The HTTP/2 header field encoding allows the expression of names that
   are not valid field names in the Internet Message Syntax used by
   HTTP/1.1.  Requests or responses containing invalid header field
   names MUST be treated as malformed (Section 8.1.2.6).  An
   intermediary therefore cannot translate an HTTP/2 request or response
   containing an invalid field name into an HTTP/1.1 message.

   Similarly, HTTP/2 allows header field values that are not valid.
   While most of the values that can be encoded will not alter header
   field parsing, carriage return (CR, ASCII 0xd), line feed (LF, ASCII
   0xa), and the zero character (NUL, ASCII 0x0) might be exploited by
   an attacker if they are translated verbatim.  Any request or response
   that contains a character not permitted in a header field value MUST
   be treated as malformed (Section 8.1.2.6).  Valid characters are
   defined by the "field-content" ABNF rule in Section 3.2 of [RFC7230].
{quote}
https://tools.ietf.org/html/rfc7540#section-10.3
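As an added illustration of the check this issue asks for (example code, not Traffic Server's own; the function names are my own), a C++ validator that applies the RFC 7230 token and field-content rules to a decoded HTTP/2 header block before it is handed to the HTTP/1.1 path:

```cpp
#include <cstring>
#include <string>
#include <utility>
#include <vector>

// Constructed example, not Traffic Server code: checks HTTP/2 header names and values
// against RFC 7540 (8.1.2, 8.1.2.6, 10.3) and RFC 7230 (3.2) before re-serializing as HTTP/1.1.

// RFC 7230 tchar: the characters a token (header field name) may contain.
static bool is_tchar(unsigned char c)
{
  if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')) return true;
  return c != '\0' && std::strchr("!#$%&'*+-.^_`|~", c) != nullptr;
}

// Pseudo-header names RFC 7540 defines; any other ':'-prefixed name is malformed.
static const char *const kPseudo[] = {":method", ":scheme", ":authority", ":path", ":status"};

// Valid HTTP/2 field name: a known pseudo-header, or a non-empty token with no
// uppercase letters (HTTP/2 requires lowercase names, RFC 7540 8.1.2).
bool h2_field_name_is_valid(const std::string &name)
{
  if (name.empty()) return false;
  if (name[0] == ':') {
    for (const char *p : kPseudo) if (name == p) return true;
    return false;
  }
  for (unsigned char c : name)
    if (!is_tchar(c) || (c >= 'A' && c <= 'Z')) return false;
  return true;
}

// Valid field value: each byte is a field-vchar (VCHAR 0x21-0x7E or obs-text
// 0x80-0xFF) or SP / HTAB. This rejects exactly what Section 10.3 warns about:
// CR, LF, NUL and every other control character, plus DEL.
bool h2_field_value_is_valid(const std::string &value)
{
  for (unsigned char c : value)
    if (c != ' ' && c != '\t' && (c < 0x21 || c == 0x7F)) return false;
  return true;
}

// Gate to apply to a decoded header block before it reaches the HTTP/1.1 path:
// one bad field makes the whole request malformed (RFC 7540 8.1.2.6).
bool h2_headers_safe_for_http1(const std::vector<std::pair<std::string, std::string>> &hdrs)
{
  for (const auto &h : hdrs)
    if (!h2_field_name_is_valid(h.first) || !h2_field_value_is_valid(h.second)) return false;
  return true;
}
```

A request that fails `h2_headers_safe_for_http1` should be answered with a stream error (PROTOCOL_ERROR) rather than forwarded.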



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)