Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 7ef244d73b073edf3d493ed826ca1b0233c330e0
commit7ef244d73b073edf3d493ed826ca1b0233c330e0[log] [tgz]
authorAmaury Denoyelle <adenoyelle@haproxy.com>Fri Aug 13 09:43:24 2021 +0200
committerWilly Tarreau <w@1wt.eu>Tue Aug 17 10:22:20 2021 +0200
tree1a3553edc026e7fe835f44199c51a3fc7d30ad01
parentb5d2b9e154d78e4075db163826c5e0f6d31b2ab1 [diff]
REGTESTS: add a test to prevent h2 desync attacks

This test ensure that h2 pseudo headers are properly checked for invalid
characters and the host header is ignored if :authority is present. This
is necessary to prevent h2 desync attacks as described here
https://portswigger.net/research/http2
1 file changed
tree: 1a3553edc026e7fe835f44199c51a3fc7d30ad01
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .travis.yml
  16. BRANCHES
  17. CHANGELOG
  18. CONTRIBUTING
  19. INSTALL
  20. LICENSE
  21. MAINTAINERS
  22. Makefile
  23. README
  24. ROADMAP
  25. SUBVERS
  26. VERDATE
  27. VERSION