LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
16996 Commits
1 Branch
46 MiB
 
 
 
 
 
 
Tree: 65baad1e79
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '65baad1e79'
${ noResults }
openwrt-packages-dist/net/haproxy/patches/000-MINOR-config-warn-on-pr...

65 lines
2.4 KiB
Raw Blame History

commit 41898a216e92c80c1354b67613834be1b3e97864
Author: Willy Tarreau <w@1wt.eu>
Date: Fri Oct 25 14:16:14 2019 +0200
MINOR: config: warn on presence of "\n" in header values/replacements
Yves Lafon reported an interesting case where an old rsprep rule used
to conditionally append a header field by inserting a \n in the exising
value was breaking H2 in HTX mode, with the browser rightfully reporting
a PROTOCOL_ERROR when facing the \n. In legacy mode, since the response
is first parsed again as an HTTP/1 message before being converted to H2
the issue does not happen. We should definitely discourage from using
this old trick nowadays, http-request and http-response rules were made
exactly to end this. Let's detect this and emit a warning when present.
In 2.0 there is already a warning recalling that these rules are
deprecated and which explains what to do instead, so the user now gets
all the relevant information to convert them.
There is no upstream commit ID for this patch because these rules were
indeed removed from 2.1. This patch could be backported to 1.9 as it
can also trigger the problem when HTX is enabled.
diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index 5454f3bb..9c3e107a 100644
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -294,6 +294,12 @@ static int create_cond_regex_rule(const char *file, int line,
goto err_free;
}
+ if (repl && strchr(repl, '\n')) {
+ ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in replacement string will fail with HTTP/2.\n",
+ file, line, cmd);
+ ret_code |= ERR_WARN;
+ }
+
if (dir == SMP_OPT_DIR_REQ && warnif_misplaced_reqxxx(px, file, line, cmd))
ret_code |= ERR_WARN;
@@ -4039,6 +4045,12 @@ stats_error_parsing:
goto out;
}
+ if (strchr(args[1], '\n')) {
+ ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in new header value will fail with HTTP/2.\n",
+ file, linenum, args[0]);
+ err_code |= ERR_WARN;
+ }
+
wl = calloc(1, sizeof(*wl));
wl->cond = cond;
wl->s = strdup(args[1]);
@@ -4157,6 +4169,12 @@ stats_error_parsing:
goto out;
}
+ if (strchr(args[1], '\n')) {
+ ha_warning("parsing [%s:%d] : '%s' : hack involving '\\n' character in new header value will fail with HTTP/2.\n",
+ file, linenum, args[0]);
+ err_code |= ERR_WARN;
+ }
+
wl = calloc(1, sizeof(*wl));
wl->cond = cond;
wl->s = strdup(args[1]);