From: Christopher Faulet
Date: Tue, 14 May 2024 09:42:21 +0000 (+0200)
Subject: BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
X-Git-Tag: v3.0-dev12~37
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d724b0d147c258eec00c82305b88ea46fff52998;p=thirdparty%2Fhaproxy.git

BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found

When a non-CONNECT H1 request is parsed, the authority is compared to the host
header value, to validate that they are the same. However there is an issue here
when a relative path is used (not beginning with a '/'). In this case, the path
is considered as the authority and will be erroneously compared to the host
header value. It is observable with this kind of request:

    GET admin HTTP/1.1
    Host: www.mysite.com

In this case "admin" is parsed as an authority while it is in fact a path. At
this step, it is not a big deal because it just happens on the very first checks
on the message during the parsing. However, the same happens when the authority
is updated. This will be fixed in another commit.

Note this kind of request is invalid because the path does not start with a
'/'. But, till now, HAProxy does not reject it.

This patch is related to issue #2565. It must be backported as far as 2.4.
---
diff --git a/src/h1.c b/src/h1.c
index e4181493fb..a1393ca00b 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -1100,11 +1100,15 @@ int h1_headers_to_hdr_list(char *start, const char *stop, if (!(h1m->flags & (H1_MF_HDRS_ONLY|H1_MF_RESP))) { struct http_uri_parser parser = http_uri_parser_init(sl.rq.u); - struct ist scheme, authority; + struct ist scheme, authority = IST_NULL; int ret; scheme = http_parse_scheme(&parser); - authority = http_parse_authority(&parser, 1); + if (istlen(scheme) || sl.rq.meth == HTTP_METH_CONNECT) { + /* Expect an authority if for CONNECT method or if there is a scheme */ + authority = http_parse_authority(&parser, 1); + } + if (sl.rq.meth == HTTP_METH_CONNECT) { struct ist *host = ((host_idx != -1) ? &hdr[host_idx].v : NULL);
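Review bot: Now that `authority` stays `IST_NULL` for a non-CONNECT request whose target carries no scheme, the non-CONNECT branch that compares authority against the Host header (it follows the visible `if (sl.rq.meth == HTTP_METH_CONNECT)` block and is outside this hunk) must treat a NULL ist exactly like the empty authority it already receives for an origin-form target such as `/admin`, i.e. decide on `istlen(authority)` rather than on `authority.ptr`; if it dereferences the pointer before checking the length, `GET admin HTTP/1.1` trades a spurious Host mismatch for a NULL dereference, so please confirm that branch length-checks first. A smaller point on the new comment: `/* Expect an authority if for CONNECT method or if there is a scheme */` has a stray `if`; `Expect an authority for the CONNECT method or if there is a scheme` reads correctly. Finally, since a scheme-less relative path is now neither compared nor rejected, a one-line comment next to the new guard saying that such targets are still accepted would save the next reader from assuming this condition rejects them.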
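The following C program is an added illustration of the parsing mistake the commit message describes; it is not HAProxy code and does not use HAProxy's `ist` or `http_uri_parser` API. It classifies an HTTP/1.1 request-target by its RFC 9112 form, then contrasts the pre-fix behaviour (authority parsed unconditionally, so the relative path `admin` is reported as an authority) with the post-fix behaviour (authority only looked for when a scheme is present or the method is CONNECT). The function names `scheme_len`, `legacy_authority`, `fixed_authority`, `classify_target` and `authority_consistent`, and the sample targets, are invented for this example; port normalisation and userinfo stripping are deliberately left out.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Request-target forms from RFC 9112 section 3.2 (names invented here). */
enum target_form {
    TARGET_ORIGIN,    /* "/path"            : no authority in the target, Host is authoritative */
    TARGET_ABSOLUTE,  /* "http://host/path" : authority must agree with Host */
    TARGET_AUTHORITY, /* "host:port"        : CONNECT only */
    TARGET_ASTERISK,  /* "*"                : OPTIONS only */
    TARGET_INVALID    /* anything else, e.g. the relative path "admin" */
};

/* Length of a leading "scheme://" in t, or 0 when t carries no scheme. */
static size_t scheme_len(const char *t)
{
    size_t i = 0;
    if (!isalpha((unsigned char)t[0]))
        return 0;
    while (isalnum((unsigned char)t[i]) || t[i] == '+' || t[i] == '-' || t[i] == '.')
        i++;
    return strncmp(t + i, "://", 3) == 0 ? i + 3 : 0;
}

/* Copy t up to the first '/', '?' or '#' into out; empty for origin-form. */
static size_t take_until_path(const char *t, char *out, size_t n)
{
    size_t len = strcspn(t, "/?#");
    if (len >= n)
        len = n - 1;
    memcpy(out, t, len);
    out[len] = '\0';
    return len;
}

/* Pre-fix behaviour: the authority parser always runs, so a target with
 * neither a scheme nor a leading '/' ("admin") comes back as an authority. */
size_t legacy_authority(const char *target, char *out, size_t n)
{
    return take_until_path(target + scheme_len(target), out, n);
}

/* Post-fix behaviour: only look for an authority when a scheme is present
 * or the method is CONNECT; otherwise report none (HAProxy's IST_NULL). */
size_t fixed_authority(const char *method, const char *target, char *out, size_t n)
{
    size_t s = scheme_len(target);
    if (s == 0 && strcmp(method, "CONNECT") != 0) {
        out[0] = '\0';
        return 0;
    }
    return take_until_path(target + s, out, n);
}

enum target_form classify_target(const char *method, const char *target)
{
    if (!target || !*target)
        return TARGET_INVALID;
    if (strcmp(method, "CONNECT") == 0)   /* authority-form: host:port, no path */
        return (strchr(target, ':') && !strchr(target, '/')) ? TARGET_AUTHORITY : TARGET_INVALID;
    if (strcmp(target, "*") == 0)
        return strcmp(method, "OPTIONS") == 0 ? TARGET_ASTERISK : TARGET_INVALID;
    if (target[0] == '/')
        return TARGET_ORIGIN;
    if (scheme_len(target) > 0)
        return TARGET_ABSOLUTE;
    return TARGET_INVALID;                /* "admin": relative path, not a valid target */
}

/* Case-insensitive equality, since host names compare case-insensitively. */
static bool ieq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return false;
    return *a == *b;
}

/* The consistency check a front-end parser would run: true when the request
 * target is well formed and any authority it carries agrees with Host.
 * A relative path like "admin" is rejected instead of being compared. */
bool authority_consistent(const char *method, const char *target, const char *host)
{
    char auth[256];
    switch (classify_target(method, target)) {
    case TARGET_ABSOLUTE:
    case TARGET_AUTHORITY:
        fixed_authority(method, target, auth, sizeof auth);
        return host != NULL && auth[0] != '\0' && ieq(auth, host);
    case TARGET_ORIGIN:
    case TARGET_ASTERISK:
        return host != NULL;              /* nothing in the target to compare */
    default:
        return false;
    }
}

int main(void)
{
    char a[256];
    legacy_authority("admin", a, sizeof a);
    printf("legacy authority for 'GET admin': \"%s\"\n", a);  /* "admin" */
    fixed_authority("GET", "admin", a, sizeof a);
    printf("fixed  authority for 'GET admin': \"%s\"\n", a);  /* "" */
    printf("GET admin accepted: %d\n", authority_consistent("GET", "admin", "www.mysite.com"));
    return 0;
}
```

Run it against the request from the commit message and `legacy_authority` hands back `admin`, which then fails a Host comparison for the wrong reason, whereas `fixed_authority` reports no authority; the example goes one step further than the patch by having `authority_consistent` reject the scheme-less relative path outright rather than leave it unchecked.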