Per RPC callback GetRequestMetadata fails when key contains colon or slash #613
Comments
|
Well shoot, this might be related to #576 |
Also add client IP address for open leases to web ui. These changes are in one commit because it's too late to start breaking it apart and I just want it commited. Metadata name changes because of what appears to be a gRPC bug: grpc/grpc-go#613
|
@bradfitz can you check why https://github.com/golang/net/blob/4876518f9e71663000c348837735820161a42df7/http2/http2.go#L348 does not list all ascii? colon and slash should be there. |
|
@iamqizhao, it doesn't list all ASCII because it's not a table of ASCII. It's a table for whether it's a valid token, as its name suggests. See: // validHeaderFieldName reports whether v is a valid header field name (key).
// RFC 7230 says:
// header-field = field-name ":" OWS field-value OWS
// field-name = token
// token = 1*tchar
// tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
// "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
// Further, http2 says:
// "Just as in HTTP/1.x, header field names are strings of ASCII
// characters that are compared in a case-insensitive
// fashion. However, header field names MUST be converted to
// lowercase prior to their encoding in HTTP/2. "
func validHeaderFieldName(v string) bool {
if len(v) == 0 {
return false
}
for _, r := range v {
if int(r) >= len(isTokenTable) || ('A' <= r && r <= 'Z') {
return false
}
if !isTokenTable[byte(r)] {
return false
}
}
return true
} |
A header field name cannot contain a colon. |
|
I see. BTW, this is a google example on checking illegal chars on reading path does not give good error info. Can you add it? We can definitely add the checking in gRPC but it seems it should go into http2 frame code. If you are short of time, we can it to gRPC as a short term solution. |
|
So the valid keys for GetRequestMetadata are whatever the underlying data transport allows in "headers or other contexts"? This is not clear from: And it implies a leaky abstraction, where key-values break when underlying transport changes, doesn't it? |
That interface could definitely use some more docs saying what the keys are allowed to be. And the callers of that interface should verify the docs were obeyed and fail earlier, before it gets to the wire. |
It should be already. ErrorDetail would say that. |
|
Sorry for confusion. I meant the checking should be added to the writing path. ErrorDetail is only for reading path. |
|
It's a little gross because hpack allows a larger set of things than http2 (which just uses hpack) allows, and a bunch of the code in gRPC and elsewhere is using hpack directly to encode things. I suppose I can make the hpack encoder assume http2 rules by default, unless you opt-in to the full hpack encoding possibilities. |
|
@bradfitz in that case, it seems it makes sense grpc http2 transport enforces the rule by itself instead of relying on http2 framer. @ThomasHabets I actually agree with you regarding the abstraction. I am going to talk to the team to see how we can improve it. |
gRPC doesn't look at the error return value from |
|
Why shouldn't those errors be checked? |
|
@ThomasBets, a |
All RPCs fail when key in the returned may contains slash or colon. This used to work, so is it not supposed to?
Error is unhelpful
rpc error: code = 13 desc =The text was updated successfully, but these errors were encountered: