HTTP codec auto may incorrectly select http/2 #8229
Description
When the HTTP connection manager codec is set to type AUTO, it searches the first buffer on the connection for the string PRI * HTTP/2. If that string occurs anywhere in the buffer, Envoy attempts to negotiate HTTP/2 and fails. If the string appears in an HTTP header or request body it can trigger HTTP/2 incorrectly.
Repro steps:
Start envoy with the config below and issue a request containing the string:
$ curl -X POST --data "something something PRI * HTTP/2" localhost:8000/foo
curl: (52) Empty reply from server
Log reports:
[2019-09-12 14:59:50.891][3032142][debug][http] [external/envoy/source/common/http/conn_manager_impl.cc:284] [C4] dispatch error: Received bad client magic byte string
Config:
node:
id: "plain"
cluster: "plain"
static_resources:
listeners:
- name: plain
address:
socket_address:
protocol: TCP
address: 0.0.0.0
port_value: 8000
filter_chains:
- filters:
- name: envoy.http_connection_manager
config:
idle_timeout: 1s
codec_type: auto
stat_prefix: ingress_http
route_config:
name: plain
virtual_hosts:
- name: plain
domains:
- "*"
routes:
- match:
prefix: "/"
route:
cluster: plain
http_filters:
- name: envoy.router
typed_config: {}
clusters:
- name: plain
connect_timeout: 0.25s
type: STATIC
lb_policy: round_robin
hosts:
- socket_address:
address: "127.0.0.1"
port_value: 8080
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 9000