diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2018-10-07 16:17:37 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2018-10-07 20:10:14 -0400 |
commit | d825966739c869eac7f5e5613fed986adf673467 (patch) | |
tree | 5ab69e6c6d96d0326c189a8fcb599003bbf1fcc3 | |
parent | 7a7f4f987aa8443aa3898f484539f707e213bcba (diff) | |
download | lighttpd-git-d825966739c869eac7f5e5613fed986adf673467.tar.gz |
[core] reject Transfer-Encoding from proxy (#2913)
reject Transfer-Encoding from backend for mod_proxy.
mod_proxy currently sends HTTP/1.0 requests to the backend,
for which Transfer-Encoding: chunked is not a valid response header.
Additionally, there is no value to Transfer-Encoding: chunked from
backend since lighttpd mod_proxy sends HTTP/1.0 request along with
Connection: close, so the backend closing the socket is the end of
the response from the backend.
x-ref:
"Reverse proxy does not work with sandstorm"
https://redmine.lighttpd.net/issues/2913
-rw-r--r-- | src/http-header-glue.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/http-header-glue.c b/src/http-header-glue.c index b2da3603..fda60330 100644 --- a/src/http-header-glue.c +++ b/src/http-header-glue.c @@ -953,7 +953,14 @@ static int http_response_process_headers(server *srv, connection *con, http_resp con->response.content_length = strtoul(value, NULL, 10); break; case HTTP_HEADER_TRANSFER_ENCODING: - if (opts->backend == BACKEND_PROXY) continue; + if (opts->backend == BACKEND_PROXY) { + log_error_write(srv, __FILE__, __LINE__, "s", + "proxy backend sent invalid response header " + "(Transfer-Encoding) to HTTP/1.0 request"); + con->http_status = 502; /* Bad Gateway */ + con->mode = DIRECT; + return -1; + } break; default: break; |