Description
Hot off the trail of http://golang.org/issue/11930, I think I'm getting a hang of this. I've found yet another class of read error which escapes the checks just put in place: broken HTTP request trailers. Properly crafted requests with broken trailers could pass through one level of protective proxy to unwanted requests to a Go backend.
As discussed in https://go-review.googlesource.com/#/c/12909, some race conditions and other problems still exist that are all worth fixing with a small refactoring, but that would be overkill for the looming 1.5 release. (I've got a working draft to share soon, though)
Using the plumbing just introduced to fix #11930, a surgical fix to the broken trailer problem is fairly trivial. I'll have a CL up momentarily.