mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1136727 - Validate pseudo-header fields in HTTP/2. r=hurley
This commit is contained in:
parent
e973910f37
commit
475f3612b1
@ -410,6 +410,11 @@ Http2Decompressor::OutputHeader(const nsACString &name, const nsACString &value)
|
||||
}
|
||||
}
|
||||
if(isColonHeader) {
|
||||
// :status is the only pseudo-header field allowed in received HEADERS frames, PUSH_PROMISE allows the other pseudo-header fields
|
||||
if (!name.EqualsLiteral(":status") && !mIsPush) {
|
||||
LOG(("HTTP Decompressor found illegal response pseudo-header %s", name.BeginReading()));
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
}
|
||||
if (mSeenNonColonHeader) {
|
||||
LOG(("HTTP Decompressor found illegal : header %s", name.BeginReading()));
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
|
Loading…
Reference in New Issue
Block a user