[core] combine Cookie request headers with ';'

(thx avij)

clients should send a single Cookie header with multiple cookie values
separated with ';'.
  https://tools.ietf.org/html/rfc6265#section-4.2.1

However, HTTP/2 loosens this requirement for Cookie.
  https://tools.ietf.org/html/rfc7540#section-8.1.2
  Section 8.1.2.5 Compressing the Cookie Header Field
and some HTTP/2 clients (Chrome, Firefox) send multiple
'cookie:' headers in a HEADERS frame.

1 files changed, 13 insertions, 1 deletions

diff --git a/src/http_header.c b/src/http_header.c
index 0a218c95..5f206692 100644
--- a/src/http_header.c
+++ b/src/http_header.c
@@ -138,6 +138,15 @@ static inline void http_header_token_append(buffer * const vb, const char * cons
     buffer_append_string_len(vb, v, vlen);
 }
 
+__attribute_cold__
+static inline void http_header_token_append_cookie(buffer * const vb, const char * const v, const uint32_t vlen) {
+    /* Cookie request header must be special-cased to use ';' separator
+     * instead of ',' to combine multiple headers (if present) */
+    if (!buffer_string_is_empty(vb))
+        buffer_append_string_len(vb, CONST_STR_LEN("; "));
+    buffer_append_string_len(vb, v, vlen);
+}
+
 __attribute_pure__
 static inline buffer * http_header_generic_get_ifnotempty(const array * const a, const char * const k, const uint32_t klen) {
     data_string * const ds =
@@ -224,7 +233,10 @@ void http_header_request_append(request_st * const r, enum http_header_e id, con
     if (0 == vlen) return;
     if (id > HTTP_HEADER_OTHER) r->rqst_htags |= id;
     buffer * const vb = array_get_buf_ptr(&r->rqst_headers, k, klen);
-    http_header_token_append(vb, v, vlen);
+    if (id != HTTP_HEADER_COOKIE)
+        http_header_token_append(vb, v, vlen);
+    else
+        http_header_token_append_cookie(vb, v, vlen);
 }