wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1136727 - Validate pseudo-header fields in HTTP/2. r=hurley

Browse Source
This commit is contained in:
Nate Hughes 2015-07-08 13:24:07 -07:00
parent e973910f37
commit 475f3612b1
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
netwerk/protocol/http/Http2Compression.cpp
View File

@ -410,6 +410,11 @@ Http2Decompressor::OutputHeader(const nsACString &name, const nsACString &value)
}
}
if(isColonHeader) {
// :status is the only pseudo-header field allowed in received HEADERS frames, PUSH_PROMISE allows the other pseudo-header fields
if (!name.EqualsLiteral(":status") && !mIsPush) {
LOG(("HTTP Decompressor found illegal response pseudo-header %s", name.BeginReading()));
return NS_ERROR_ILLEGAL_VALUE;
}
if (mSeenNonColonHeader) {
LOG(("HTTP Decompressor found illegal : header %s", name.BeginReading()));
return NS_ERROR_ILLEGAL_VALUE;