BUG/MEDIUM: h2: remove connection-specific headers from request h2spec rightfully outlines that we used not to reject these ones, and they may cause trouble if presented, especially "upgrade". Must be backported to 1.8.

commit: fe7c356be67335d92d41decd13468b862a562337 [log] [tgz]
author: Willy Tarreau <w@1wt.eu> Sun Dec 03 20:15:34 2017 +0100
committer: Willy Tarreau <w@1wt.eu> Sun Dec 03 21:09:18 2017 +0100
tree: 9ba03757c6a708f6532a2adf47e921f45aa47666
parent: 520886990fbc4d40bd7dd8d788d4e79326fc64c5 [diff]
diff --git a/src/h2.c b/src/h2.c
index 83ef043..64f27fe 100644
--- a/src/h2.c
+++ b/src/h2.c

@@ -179,6 +179,14 @@
 		if (isteq(list[idx].n, ist("host")))
 			fields |= H2_PHDR_FND_HOST;
 
+		/* these ones are forbidden in requests (RFC7540#8.1.2.2) */
+		if (isteq(list[idx].n, ist("connection")) ||
+		    isteq(list[idx].n, ist("proxy-connection")) ||
+		    isteq(list[idx].n, ist("keep-alive")) ||
+		    isteq(list[idx].n, ist("upgrade")) ||
+		    isteq(list[idx].n, ist("transfer-encoding")))
+			goto fail;
+
 		if (isteq(list[idx].n, ist("te")) && !isteq(list[idx].v, ist("trailers")))
 			goto fail;
commit	fe7c356be67335d92d41decd13468b862a562337	[log] [tgz]
author	Willy Tarreau <w@1wt.eu>	Sun Dec 03 20:15:34 2017 +0100
committer	Willy Tarreau <w@1wt.eu>	Sun Dec 03 21:09:18 2017 +0100
tree	9ba03757c6a708f6532a2adf47e921f45aa47666
parent	520886990fbc4d40bd7dd8d788d4e79326fc64c5 [diff]