You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by bn...@apache.org on 2021/11/01 23:06:42 UTC
[trafficserver] branch
revert-8465-validate-scheme-against-wire-protocol created (now bc9feb6)
This is an automated email from the ASF dual-hosted git repository.
bneradt pushed a change to branch revert-8465-validate-scheme-against-wire-protocol
in repository https://gitbox.apache.org/repos/asf/trafficserver.git.
at bc9feb6 Revert "Add some checking to validate the scheme matches the wire protocol. (#8465)"
This branch includes the following new commits:
new bc9feb6 Revert "Add some checking to validate the scheme matches the wire protocol. (#8465)"
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[trafficserver] 01/01: Revert "Add some checking to validate the
scheme matches the wire protocol. (#8465)"
Posted by bn...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
bneradt pushed a commit to branch revert-8465-validate-scheme-against-wire-protocol
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit bc9feb6f0b8d6813aa0c03ac7e29301cd08f9bab
Author: Brian Neradt <br...@verizonmedia.com>
AuthorDate: Mon Nov 1 18:06:35 2021 -0500
Revert "Add some checking to validate the scheme matches the wire protocol. (#8465)"
This reverts commit 92849ce8e99155c914aea4b82ed63e10e428bee1.
---
proxy/http/HttpSM.cc | 16 ++--------------
1 file changed, 2 insertions(+), 14 deletions(-)
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index d0c8e81..3539eb2 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -881,18 +881,6 @@ HttpSM::state_read_client_request_header(int event, void *data)
break;
}
- if (!is_internal) {
- auto scheme = t_state.hdr_info.client_request.url_get()->scheme_get_wksidx();
- if ((client_connection_is_ssl && (scheme == URL_WKSIDX_HTTP || scheme == URL_WKSIDX_WS)) ||
- (!client_connection_is_ssl && (scheme == URL_WKSIDX_HTTPS || scheme == URL_WKSIDX_WSS))) {
- SMDebug("http", "scheme [%s] vs. protocol [%s] mismatch", hdrtoken_index_to_wks(scheme),
- client_connection_is_ssl ? "tls" : "plaintext");
- t_state.http_return_code = HTTP_STATUS_BAD_REQUEST;
- call_transact_and_set_next_state(HttpTransact::BadRequest);
- break;
- }
- }
-
if (_from_early_data) {
// Only allow early data for safe methods defined in RFC7231 Section 4.2.1.
// https://tools.ietf.org/html/rfc7231#section-4.2.1
@@ -1925,8 +1913,8 @@ HttpSM::state_http_server_open(int event, void *data)
this->create_server_txn(new_session);
// Since the UnixNetVConnection::action_ or SocksEntry::action_ may be returned from netProcessor.connect_re, and the
- // SocksEntry::action_ will be copied into UnixNetVConnection::action_ before call back NET_EVENT_OPEN from
- // SocksEntry::free(), so we just compare the Continuation between pending_action and VC's action_.
+ // SocksEntry::action_ will be copied into UnixNetVConnection::action_ before call back NET_EVENT_OPEN from SocksEntry::free(),
+ // so we just compare the Continuation between pending_action and VC's action_.
ink_release_assert(pending_action.empty() || pending_action.get_continuation() == vc->get_action()->continuation);
pending_action = nullptr;