MINOR: h1: Reject requests if the authority does not match the header host
authorChristopher Faulet <cfaulet@haproxy.com>
Fri, 11 Oct 2019 11:34:22 +0000 (13:34 +0200)
committerChristopher Faulet <cfaulet@haproxy.com>
Mon, 14 Oct 2019 20:28:50 +0000 (22:28 +0200)
As stated in RFC7230#5.4, a client must send a field-value for the header
host that is identical to the authority if the target URI includes one. So, now,
by default, if the authority, when provided, does not match the value of the
header host, an error is triggered. To mitigate this behavior, it is possible to
set the option "accept-invalid-http-request". In that case, an http error is
captured without interrupting the request parsing.

src/h1.c

index 7e7eaa064a175fb3882141e2ac9a4b624ae6e769..83afb14ebc5c50fb739a96def36c89e281e716a2 100644 (file)
--- a/src/h1.c
+++ b/src/h1.c
@@ -834,8 +834,20 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
                                        }
                                }
                                else if (isteqi(n, ist("host"))) {
-                                       if (host_idx == -1)
+                                       if (host_idx == -1) {
+                                               struct ist authority;
+
+                                               authority = http_get_authority(sl.rq.u, 1);
+                                               if (authority.len && !isteqi(v, authority)) {
+                                                       if (h1m->err_pos < -1) {
+                                                               state = H1_MSG_HDR_L2_LWS;
+                                                               goto http_msg_invalid;
+                                                       }
+                                                       if (h1m->err_pos == -1) /* capture the error pointer */
+                                                               h1m->err_pos = ptr - start + skip; /* >= 0 now */
+                                               }
                                                host_idx = hdr_count;
+                                       }
                                        else {
                                                if (!isteqi(v, hdr[host_idx].v)) {
                                                        state = H1_MSG_HDR_L2_LWS;
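Review bot: The new authority check reads `sl.rq.u` whenever the first Host header is seen, and nothing visible in this hunk restricts it to request parsing. If h1_headers_to_hdr_list() is also used for responses (its body starts and ends outside the hunk, so this needs confirming), a response carrying a Host header would be compared against start-line storage that does not hold a request URI, and could be rejected or flagged spuriously. Guarding the branch, e.g. `else if (!(h1m->flags & H1_MF_RESP) && isteqi(n, ist("host"))) {`, would keep the check to requests. The `err_pos == -1` capture also deserves a comment stating that in this lenient mode the request continues with an authority and a Host that disagree, so any later routing or ACL decision has to pick one of them consistently.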