-
-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New lines in header values #65
Comments
Let me look into it. Agoo may not be converting the |
It's outgoing, but it shouldn't be converting
Into this:
|
I believe this is also conformant:
Are there some issues with that approach that I'm not aware of? |
Yeah, it's not conformant because semicolons are used as directive separators in the Other HTTP headers (e.g. the
Based on that, it's my understanding that multiple |
Fair enough. I'll take that approach. |
Awesome, thank you so much! |
If it can wait a week or two I'd like to release with the new feature I'm working on of GraphQL subscription support. I'll have the fix in this weekend if you can live off the develop branch until the next release. |
No problem, I can wait. Thanks again |
It looks like this was fixed with 6228b64 and release with 2.10.0, yeah? |
Yes indeed. |
You're the man, thank you! |
I've run into a problem running Agoo behind an HTTP/2 capable load balancer where both Safari and curl throw a protocol error when new line characters
\n
are present in header values, specifically theSet-Cookie
header in my case. Normally, I'd use a middleware to transform the values on the way out, but the problem is with Rack and, I think, Agoo's conformance to Rack's spec.Rack's spec says:
Apparently, it's up to the handler to transform the lines into proper HTTP headers, without the new lines. There's a comment toward the bottom of that issue that illustrates what I mean and the next comment, from a Rack contributor, confirms that's what Rack expects to happen.
I can put together a working example if you'd like me to.
The text was updated successfully, but these errors were encountered: