Skip to content

http: send 400 for HTTP/2 and HTTP/3 headers/trailers with underscores#45111

Draft
Winbobob wants to merge 6 commits into
envoyproxy:mainfrom
Winbobob:zheweihu/f/fix-24466-v2
Draft

http: send 400 for HTTP/2 and HTTP/3 headers/trailers with underscores#45111
Winbobob wants to merge 6 commits into
envoyproxy:mainfrom
Winbobob:zheweihu/f/fix-24466-v2

Conversation

@Winbobob
Copy link
Copy Markdown
Member

@Winbobob Winbobob commented May 18, 2026

Commit Message:
http: send 400 for HTTP/2 and HTTP/3 headers/trailers with underscores when configured to reject

Additional Description:
When the connection is configured with REJECT_REQUEST for headers_with_underscores_action, the HTTP/2 and HTTP/3 codecs now send a 400 response instead of resetting the stream. This makes their behavior consistent with HTTP/1.

This is a rebased revival of #35393.

Risk Level: Low — gated by the existing REJECT_REQUEST setting; only the failure response changes (reset → 400).
Testing: Existing unit and integration tests updated; new UHV trailer-underscore acceptance test added.
Docs Changes: Updated header_validator.proto and conn_manager_impl.h comments to reflect H/2 + H/3 behavior.
Release Notes: Added bug_fix entry in changelogs/current.yaml.
Platform Specific Features: N/A
Fixes #24466
Fixes #24735

@repokitteh-read-only
Copy link
Copy Markdown

repokitteh-read-only Bot commented May 18, 2026

As a reminder, PRs marked as draft will not be automatically assigned reviewers,
or be handled by maintainer-oncall triage.

Please mark your PR as ready when you want it to be reviewed!

🐱

Caused by: #45111 was opened by Winbobob.

see: more, trace.

@Winbobob Winbobob force-pushed the zheweihu/f/fix-24466-v2 branch 5 times, most recently from db4afa4 to 073053d Compare May 18, 2026 07:44
@Winbobob
http: gate H/2 send-400-for-underscored-headers behind runtime guard
f9e34ba 
When UHV is enabled and headers_with_underscores_action is REJECT_REQUEST,
HCM now sends a 400 response for HTTP/2 instead of resetting the stream,
matching HTTP/1 behavior. The new behavior is gated on the runtime guard
envoy.reloadable_features.http2_h3_send_400_for_underscored_headers
(enabled by default). HTTP/3 continues to reset pending follow-up work
for the QUIC stream-lifecycle issue tracked in envoyproxy#24735.

Partially fixes envoyproxy#24466 and envoyproxy#24735.

Signed-off-by: Zhewei Hu <zhewei.hu33@gmail.com>
@Winbobob Winbobob force-pushed the zheweihu/f/fix-24466-v2 branch from 073053d to f9e34ba Compare May 18, 2026 08:04
Zhewei Hu added 5 commits May 18, 2026 08:36
@Winbobob
http: avoid codec-error on H/2 underscore reject sending 400
7451010 
Signed-off-by: Zhewei Hu <zhewehu@microsoft.com>
@Winbobob
http: only gate trailer underscore rejection; preserve reset for othe…
0825e0b 
…r trailer errors

Signed-off-by: Zhewei Hu <zhewehu@microsoft.com>
@Winbobob
http: restore H/1 sendLocalReply in validateTrailers; gate only H/2 u…
bb1e2db 
…nderscore path

Signed-off-by: Zhewei Hu <zhewehu@microsoft.com>
@Winbobob
test: fix Http2SendsLocalReply trailer test to use InvalidUnderscore …
70951e4 
…details

Signed-off-by: Zhewei Hu <zhewehu@microsoft.com>
@Winbobob
style: apply clang-format
d55d92e 
Signed-off-by: Zhewei Hu <zhewehu@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

UHV: harmonize response to invalid request trailers for all codecs H/2 codec resets streams rejected due to headers with underscores

1 participant

@Winbobob