-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http3: only use :protocol pseudo-header for Extended CONNECT #4261
Conversation
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
The default value should be "HTTP/3.0".
Can you explain the motivation behind this PR? |
hi @marten-seemann If the client fire a CONNECT request without :protocol, this req.Proto will be empty without this patch. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this PR is correct, but I'd to tighten the validation logic here a bit. The :protocol
pseudo header is only defined for Extended Connect requests (RFC 9220). We should reject any non-Extended Connected request that sets this header field.
@taoso Do you want to update the PR? We'd also need a test case that tests that we correctly reject requests with :protocol
header.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4261 +/- ##
==========================================
+ Coverage 84.06% 84.07% +0.01%
==========================================
Files 150 150
Lines 15425 15424 -1
==========================================
+ Hits 12966 12967 +1
+ Misses 1955 1954 -1
+ Partials 504 503 -1 ☔ View full report in Codecov by Sentry. |
Hi @marten-seemann , let me try. |
The :protocol pseudo header is only defined for Extended Connect requests (RFC 9220).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks for pushing this through @taoso!
Hi @marten-seemann Could this PR be merged? |
…#4261) * Fix protocol The default value should be "HTTP/3.0". * Reject normal request with :protocol header The :protocol pseudo header is only defined for Extended Connect requests (RFC 9220). * save one branch check * Fix review issue
The default value should be "HTTP/3.0".