moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-03-11 07:39:50 -04:00
Code Issues Releases Wiki Activity

CONNECT: reject TE or CL in 2xx responses

Browse Source 
A server MUST NOT send any Transfer-Encoding or Content-Length header
fields in a 2xx (Successful) response to CONNECT. (RFC 7231 section
4.3.6)

Also fixes the three test cases that did this.
This commit is contained in:
Daniel Stenberg 2016-11-29 16:22:35 +01:00
parent aab33215af
commit c50b878c15
4 changed files with 22 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/http_proxy.c
View File

@ -529,6 +529,15 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
return result; return result;
} }
else if(checkprefix("Content-Length:", line_start)) { else if(checkprefix("Content-Length:", line_start)) {
if(k->httpcode/100 == 2) {
/* A server MUST NOT send any Transfer-Encoding or
Content-Length header fields in a 2xx (Successful)
response to CONNECT. (RFC 7231 section 4.3.6) */
failf(data, "Content-Length: in %03d response",
k->httpcode);
return CURLE_RECV_ERROR;
}
cl = curlx_strtoofft(line_start + cl = curlx_strtoofft(line_start +
strlen("Content-Length:"), NULL, 10); strlen("Content-Length:"), NULL, 10);
} }
@ -538,6 +547,14 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
else if(Curl_compareheader(line_start, else if(Curl_compareheader(line_start,
"Transfer-Encoding:", "Transfer-Encoding:",
"chunked")) { "chunked")) {
if(k->httpcode/100 == 2) {
/* A server MUST NOT send any Transfer-Encoding or
Content-Length header fields in a 2xx (Successful)
response to CONNECT. (RFC 7231 section 4.3.6) */
failf(data, "Transfer-Encoding: in %03d response",
k->httpcode);
return CURLE_RECV_ERROR;
}
infof(data, "CONNECT responded chunked\n"); infof(data, "CONNECT responded chunked\n");
chunked_encoding = TRUE; chunked_encoding = TRUE;
/* init our chunky engine */ /* init our chunky engine */

12
tests/data/test1097
View File

@ -15,27 +15,25 @@ HTTP proxy NTLM auth
HTTP/1.1 200 We are fine and cool HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27 Content-Length: 27
This is all fine and dandy This is all fine and dandy
</data> </data>
# This is the CONNECT response
<connect1001> <connect1001>
HTTP/1.1 200 We are fine and cool HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27
This is all fine and dandy
</connect1001> </connect1001>
<datacheck> <datacheck>
HTTP/1.1 200 We are fine and cool HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27
HTTP/1.1 200 We are fine and cool HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2 Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27 Content-Length: 27
This is all fine and dandy This is all fine and dandy
</datacheck> </datacheck>
</reply> </reply>

2
tests/data/test1230
View File

@ -23,14 +23,12 @@ mooooooo
<connect> <connect>
HTTP/1.1 200 welcome dear HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 0
</connect> </connect>
<datacheck> <datacheck>
HTTP/1.1 200 welcome dear HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 0
HTTP/1.1 200 OK HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT Date: Thu, 09 Nov 2010 14:49:00 GMT

2
tests/data/test1525
View File

@ -14,7 +14,6 @@ CURLOPT_PROXYHEADER
<reply> <reply>
<connect> <connect>
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: 17
</connect> </connect>
<data> <data>
@ -26,7 +25,6 @@ ETag: "21025-dc7-39462498"
</data> </data>
<datacheck> <datacheck>
HTTP/1.1 200 OK HTTP/1.1 200 OK
Content-Length: 17
HTTP/1.1 200 OK swsclose HTTP/1.1 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT Date: Thu, 09 Nov 2010 14:49:00 GMT