Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mongoose separates HTTP header names from values incorrectly #2293

Closed
kenballus opened this issue Jul 7, 2023 · 0 comments
Closed

Mongoose separates HTTP header names from values incorrectly #2293

kenballus opened this issue Jul 7, 2023 · 0 comments

Comments

@kenballus
Copy link

The HTTP standards specify that header names and values are separated by a colon. Mongoose allows them to be separated by whitespace. This is a potential vector for HTTP request smuggling.

For example, Mongoose will misinterpret the following request:

GET / HTTP/1.1\r\nContent-Length 10\r\n\r\n0123456789

Because Mongoose does not enforce that header names and values be separated by a colon, Mongoose misinterprets this request as having a Content-Length header, so it sees 0123456789 as the request's body. A standards-compliant HTTP server would reject the message because it contains an invalid header.
@kenballus kenballus changed the title Mongoose separates HTTP header values incorrectly Mongoose separates HTTP header names from values incorrectly Jul 7, 2023
@cpq cpq closed this as completed in 5dff282 Jul 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kenballus