MINOR: h1: Reject requests if the authority does not match the header…

… host As stated in the RCF7230#5.4, a client must send a field-value for the header host that is identical to the authority if the target URI includes one. So, now, by default, if the authority, when provided, does not match the value of the header host, an error is triggered. To mitigate this behavior, it is possible to set the option "accept-invalid-http-request". In that case, an http error is captured without interrupting the request parsing.
haproxy · Oct 14, 2019 · 531b83e · 531b83e
1 parent 497ab4f
commit 531b83e
Showing 1 changed file with 13 additions and 1 deletion.
diff --git a/src/h1.c b/src/h1.c
@@ -834,8 +834,20 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 					}
 				}
 				else if (isteqi(n, ist("host"))) {
-					if (host_idx == -1)
+					if (host_idx == -1) {
+						struct ist authority;
+
+						authority = http_get_authority(sl.rq.u, 1);
+						if (authority.len && !isteqi(v, authority)) {
+							if (h1m->err_pos < -1) {
+								state = H1_MSG_HDR_L2_LWS;
+								goto http_msg_invalid;
+							}
+							if (h1m->err_pos == -1) /* capture the error pointer */
+								h1m->err_pos = ptr - start + skip; /* >= 0 now */
+						}
 						host_idx = hdr_count;
+					}
 					else {
 						if (!isteqi(v, hdr[host_idx].v)) {
 							state = H1_MSG_HDR_L2_LWS;