Quiche, unlike nghttp2 and nghttp3 doesn't provide :status as the first psuedo header returned (and HTTP/3 itself doesn't enforce that it is, just that pseudo headers should come before "regular" ones), which curl presumes it will and therefore the h3->h1 header conversion will fail if that happens.
There's still a discussion with the quiche team going on whether this should be fixed in quiche or in curl.
The text was updated successfully, but these errors were encountered:
:status doesn't have to be the first psuedo header to arrive so this
code now makes sure to handle that. A typical HTTP/3 response of course
doesn't provide any other psuedo headers...
Fixes#4571
:status doesn't have to be the first header from quiche to arrive so
this code now makes sure to handle such events. HTTP/3 (and HTTP/2)
mandates:
"All pseudo-header fields MUST appear in the header block before regular
header fields"
Fixes#4571
Bug originally filed by @SecurityInsanity against quiche at cloudflare/quiche#248
Quiche, unlike nghttp2 and nghttp3 doesn't provide
:status
as the first psuedo header returned (and HTTP/3 itself doesn't enforce that it is, just that pseudo headers should come before "regular" ones), which curl presumes it will and therefore the h3->h1 header conversion will fail if that happens.There's still a discussion with the quiche team going on whether this should be fixed in quiche or in curl.
The text was updated successfully, but these errors were encountered: