You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficserver.apache.org by bn...@apache.org on 2021/10/27 16:30:43 UTC

[trafficserver] branch 8.1.x updated: 8.1.x: Reject Transfer-Encoding in pre-HTTP/1.1 requests (#8457)

This is an automated email from the ASF dual-hosted git repository.

bneradt pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/8.1.x by this push:
     new e2c9ac2  8.1.x: Reject Transfer-Encoding in pre-HTTP/1.1 requests (#8457)
e2c9ac2 is described below

commit e2c9ac217f24dc3e91ff2c9f52b52093e8fb32d5
Author: Brian Neradt <br...@verizonmedia.com>
AuthorDate: Wed Oct 27 11:30:32 2021 -0500

    8.1.x: Reject Transfer-Encoding in pre-HTTP/1.1 requests (#8457)
    
    Per spec, Transfer-Encoding is only supported in HTTP/1.1. For earlier
    versions, we must reject Transfer-Encoding rather than interpret it
    since downstream proxies may ignore the chunk header and rely upon the
    Content-Length, or interpret the body some other way.  These differences
    in interpretation may open up the door to compatibility issues. To
    protect against this, we reply with a 4xx if the client uses
    Transfer-Encoding with HTTP versions that do not support it.
---
 proxy/http/HttpTransact.cc | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index 2de29a8..0348b65 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -5183,6 +5183,17 @@ HttpTransact::check_request_validity(State *s, HTTPHdr *incoming_hdr)
       return BAD_CONNECT_PORT;
     }
 
+    if (s->client_info.transfer_encoding == CHUNKED_ENCODING && incoming_hdr->version_get() < HTTPVersion(1, 1)) {
+      // Per spec, Transfer-Encoding is only supported in HTTP/1.1. For earlier
+      // versions, we must reject Transfer-Encoding rather than interpret it
+      // since downstream proxies may ignore the chunk header and rely upon the
+      // Content-Length, or interpret the body some other way. These
+      // differences in interpretation may open up the door to compatibility
+      // issues. To protect against this, we reply with a 4xx if the client
+      // uses Transfer-Encoding with HTTP versions that do not support it.
+      return UNACCEPTABLE_TE_REQUIRED;
+    }
+
     // Require Content-Length/Transfer-Encoding for POST/PUSH/PUT
     if ((scheme == URL_WKSIDX_HTTP || scheme == URL_WKSIDX_HTTPS) &&
         (method == HTTP_WKSIDX_POST || method == HTTP_WKSIDX_PUSH || method == HTTP_WKSIDX_PUT) &&