Pseudo-header with empty value results in RST_STREAM with PROTOCOL_ERROR reason#13238
Pseudo-header with empty value results in RST_STREAM with PROTOCOL_ERROR reason#13238
Conversation
|
@normanmaurer @chrisvest @idelpivnitskiy I added this validation to |
|
@violetagg I think its fine... lets wait for @idelpivnitskiy @chrisvest |
chrisvest
left a comment
There was a problem hiding this comment.
DefaultHttp2Headers is the correct place to validate this. The HpackDecoder should only validate stuff that go across multiple headers or are specific to the request type.
codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2Headers.java
Outdated
Show resolved
Hide resolved
codec-http2/src/main/java/io/netty/handler/codec/http2/DefaultHttp2Headers.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
We need to protect this validation by a configuration flag to make sure users can disable it.
Taking into account the RFC requirements to always run this validation (at least by default), the fact that validateValues == false by default, I would propose to use validate flag that controls header name validation. While in practice the check validates a value, I would say that technically it's a "validation of a preudo-header name". The purpose of validateValues is quite different. It's disabled by default because it will cause significant perf overhead for most users.
There was a problem hiding this comment.
Please check the new commit.
There was a problem hiding this comment.
Taking into account the RFC requirements to always run this validation (at least by default), the fact that validateValues == false by default, I would propose to use validate flag that controls header name validation.
@idelpivnitskiy Is this "always" requirement any different from checking that byte ranges for values are valid, which we skip by default?
There was a problem hiding this comment.
The biggest differences are:
- the cost associated with a check
- how likely is it to hit the problem (messing up with pseudo-headers seems more likely)
- how it will affect the h2-protocol related flow vs user's business logic (having a bad char in some header won't impact h2 codec or h2->h1 transition)
- is the header name required to perform the check
This case seems to me close to TE header validation we have in HpackDecoder.
|
Will this change be available with the next Netty version? |
…COL_ERROR reason Motivation: According to RFC9113 https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1 Pseudo-header ':path' must not have empty value. Modifications: - Extend DefaultHttp2Headers#validateValue with validation for pseudo-header :path - Add junit test Result: Pseudo-header :path with empty value results in RST_STREAM with PROTOCOL_ERROR reason. Related to netty#13235
Perform the validation only when pseudo headers is enabled.
…ROR reason (netty#13238) Motivation: According to RFC9113 https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1 Pseudo-header ':path' must not have empty value. Modifications: - Extend DefaultHttp2Headers#validateValue with validation for pseudo-header :path - Add junit test Result: Pseudo-header :path with empty value results in RST_STREAM with PROTOCOL_ERROR reason. Related to netty#13235
- Exclude tests in Http2ConnectionInforTests with HOST header empty netty/netty#13238 - Fix unix domain socket tests in HttpServerTests as local and remote addresses are now available netty/netty#13323
- Exclude tests in Http2ConnectionInforTests with HOST header empty netty/netty#13238 - Fix unix domain socket tests in HttpServerTests as local and remote addresses are now available netty/netty#13323
- Exclude tests in Http2ConnectionInforTests with HOST header empty netty/netty#13238 - Fix unix domain socket tests in HttpServerTests as local and remote addresses are now available netty/netty#13323
Motivation:
According to
RFC9113https://datatracker.ietf.org/doc/html/rfc9113#section-8.3.1
Pseudo-header
:pathmust not have empty value.Modifications:
DefaultHttp2Headers#validateValuewith validation for pseudo-header:pathResult:
Pseudo-header
:pathwith empty value results inRST_STREAMwithPROTOCOL_ERRORreason.Related to #13235