From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Wed, 7 Jul 2021 08:49:28 +0000 (+0200)
Subject: MEDIUM: h2: apply scheme-based normalization on h2 requests
X-Git-Tag: v2.5-dev2~34
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4ca0f363a18597bcc1e776bdadae0cb2b1824482;p=thirdparty%2Fhaproxy.git

MEDIUM: h2: apply scheme-based normalization on h2 requests

Apply the rfc 3986 scheme-based normalization on h2 requests. This
process will be executed for most of requests because scheme and
authority are present on every h2 requests, except CONNECT. However, the
normalization will only be applied on requests with defaults http port
(http/80 or https/443) explicitly specified which most http clients
avoid.

This change is notably useful for http2 websockets with Firefox which
explicitly specify the 443 default port on Extended CONNECT. In this
case, users can be trapped if they are using host routing without
removing the port. With the scheme-based normalization, the default port
will be removed.

To backport this change, it is required to backport first the following
commits:
* MINOR: http: implement http_get_scheme
* MEDIUM: http: implement scheme-based normalization
---

diff --git a/src/h2.c b/src/h2.c
index 27a7a4e900..ec8e2fe975 100644
--- a/src/h2.c
+++ b/src/h2.c
@@ -31,6 +31,7 @@
 #include <haproxy/h2.h>
 #include <haproxy/http-hdr-t.h>
 #include <haproxy/http.h>
+#include <haproxy/http_htx.h>
 #include <haproxy/htx.h>
 #include <import/ist.h>
 
@@ -553,6 +554,10 @@ int h2_make_htx_request(struct http_hdr *list, struct htx *htx, unsigned int *ms
 	if (!htx_add_endof(htx, HTX_BLK_EOH))
 		goto fail;
 
+	/* proceed to scheme-based normalization on target-URI */
+	if (fields & H2_PHDR_FND_SCHM)
+		http_scheme_based_normalize(htx);
+
 	ret = 1;
 	return ret;