diff options
| author | Roman Arutyunyan <arut@nginx.com> | 2026-04-15 13:49:00 +0400 |
|---|---|---|
| committer | Roman Arutyunyan <arutyunyan.roman@gmail.com> | 2026-04-16 19:47:03 +0400 |
| commit | 4e89ce224f0b3fe9c1d1bc42eca0a7afecdcafb6 (patch) | |
| tree | ce0b349ed545594081a503729b82a8dfa9f06f7a /src/http/v2 | |
| parent | ff8221b4db29b1d31ef31f01d989a57ac35a9dd0 (diff) | |
| download | nginx-4e89ce224f0b3fe9c1d1bc42eca0a7afecdcafb6.tar.gz nginx-4e89ce224f0b3fe9c1d1bc42eca0a7afecdcafb6.tar.bz2 | |
Restrict duplicate TE headers in HTTP/2 and HTTP/3
Following d3a76322cf7a, this change rejects requests which have multiple
TE headers.
Reported-by: geeknik <geeknik@protonmail.ch>
Diffstat (limited to 'src/http/v2')
| -rw-r--r-- | src/http/v2/ngx_http_v2.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c index 336718bad..69cb0ae09 100644 --- a/src/http/v2/ngx_http_v2.c +++ b/src/http/v2/ngx_http_v2.c @@ -3849,7 +3849,8 @@ ngx_http_v2_run_request(ngx_http_request_t *r) } if (r->headers_in.te - && (r->headers_in.te->value.len != 8 + && (r->headers_in.te->next + || r->headers_in.te->value.len != 8 || ngx_strncasecmp(r->headers_in.te->value.data, (u_char *) "trailers", 8) != 0)) { |