MEDIUM: http: always reject the "PRI" method This method was reserved for the HTTP/2 connection preface, must never be used and must be rejected. In normal situations it doesn't happen, but it may be visible if a TCP frontend has alpn "h2" enabled, and forwards to an HTTP backend which tries to parse the request. Before this patch it would pass the wrong request to the backend server, now it properly returns 400 bad req. This patch should probably be backported to stable versions.

commit: 916597903cc0e1022db33e01dd832aee76218b99 [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Fri Nov 10 19:38:10 2017 +0100
committer: Willy Tarreau <w@1wt.eu> Fri Nov 10 19:38:10 2017 +0100
tree: c5f7ba00642546fa0b3e5a9e0f2df42e625ad598
parent: 387bd4f69f675d7e35895ce35d04a8270eec45b6 [diff]
diff --git a/src/proto_http.c b/src/proto_http.c
index 9909eed..88e2f06 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c

@@ -1899,6 +1899,12 @@
 	/* we can make use of server redirect on GET and HEAD */
 	if (txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)
 		s->flags |= SF_REDIRECTABLE;
+	else if (txn->meth == HTTP_METH_OTHER &&
+		 msg->sl.rq.m_l == 3 && memcmp(req->buf->p, "PRI", 3) == 0) {
+		/* PRI is reserved for the HTTP/2 preface */
+		msg->err_pos = 0;
+		goto return_bad_req;
+	}
 
 	/*
 	 * 2: check if the URI matches the monitor_uri.
commit	916597903cc0e1022db33e01dd832aee76218b99	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Fri Nov 10 19:38:10 2017 +0100
committer	Willy Tarreau <w@1wt.eu>	Fri Nov 10 19:38:10 2017 +0100
tree	c5f7ba00642546fa0b3e5a9e0f2df42e625ad598
parent	387bd4f69f675d7e35895ce35d04a8270eec45b6 [diff]