Mercurial > hg > nginx
changeset 9267:9a5e2296c1be
Disabled handling of headers without a colon.
Starting with nginx 0.1.29 (509:9b8c906f6e63), header names not followed
by a colon and a value were allowed. Such headers were interpreted as
headers with an empty value. With this change, such headers are
unconditionally rejected.
Requested by Maksim Yevmenkin.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 08 May 2024 23:00:07 +0300 |
parents | 93bbb9fbf30d |
children | 6a3ee145d0b5 |
files | src/http/ngx_http_parse.c |
diffstat | 1 files changed, 0 insertions(+), 15 deletions(-) [+] |
line wrap: on
line diff
--- a/src/http/ngx_http_parse.c Mon May 06 00:07:33 2024 +0300 +++ b/src/http/ngx_http_parse.c Wed May 08 23:00:07 2024 +0300 @@ -961,21 +961,6 @@ break; } - if (ch == CR) { - r->header_name_end = p; - r->header_start = p; - r->header_end = p; - state = sw_almost_done; - break; - } - - if (ch == LF) { - r->header_name_end = p; - r->header_start = p; - r->header_end = p; - goto done; - } - /* IIS may send the duplicate "HTTP/1.1 ..." lines */ if (ch == '/' && r->upstream