bug 528288 - require spdy compliant headers to be lower case and without chunked encodings r=honzab
authorPatrick McManus <mcmanus@ducksong.com>
Fri, 02 Dec 2011 10:28:57 -0500
changeset 81181 389dc74f60e7d978b2b85bb3ce763b5b1288f134
parent 81180 9cf19a02362486574eeb9838347c0859397c4938
child 81182 d93829e39b3f39e2b8859bb436b171c13b1e06c8
push id21564
push usermak77@bonardo.net
push dateSat, 03 Dec 2011 11:10:17 +0000
treeherdermozilla-central@a68c96c1d8e0 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewershonzab
bugs528288
milestone11.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
bug 528288 - require spdy compliant headers to be lower case and without chunked encodings r=honzab patch 5
netwerk/protocol/http/SpdySession.cpp
netwerk/protocol/http/SpdyStream.cpp
--- a/netwerk/protocol/http/SpdySession.cpp
+++ b/netwerk/protocol/http/SpdySession.cpp
@@ -506,21 +506,47 @@ SpdySession::ConvertHeaders(nsDependentC
     if (nameString.FindChar(0) != -1)
       return NS_ERROR_ILLEGAL_VALUE;
 
     if (lastHeaderByte < nvpair + 4 + nameLen)
       return NS_ERROR_ILLEGAL_VALUE;
     PRUint16 valueLen = (nvpair[2 + nameLen] << 8) + nvpair[3 + nameLen];
     if (lastHeaderByte < nvpair + 4 + nameLen + valueLen)
       return NS_ERROR_ILLEGAL_VALUE;
+    
+    // Look for upper case characters in the name. They are illegal.
+    for (char *cPtr = nameString.BeginWriting();
+         cPtr && cPtr < nameString.EndWriting();
+         ++cPtr) {
+      if (*cPtr <= 'Z' && *cPtr >= 'A') {
+        nsCString toLog(nameString);
+
+        LOG(("SpdySession::ConvertHeaders session=%p stream=%p "
+             "upper case response header found. [%s]\n",
+             this, mFrameDataStream, toLog.get()));
+
+        return NS_ERROR_ILLEGAL_VALUE;
+      }
+    }
+
+    // HTTP Chunked responses are not legal over spdy. We do not need
+    // to look for chunked specifically because it is the only HTTP
+    // allowed default encoding and we did not negotiate further encodings
+    // via TE
+    if (nameString.Equals(NS_LITERAL_CSTRING("transfer-encoding"))) {
+      LOG(("SpdySession::ConvertHeaders session=%p stream=%p "
+           "transfer-encoding found. Chunked is invalid and no TE sent.",
+           this, mFrameDataStream));
+
+      return NS_ERROR_ILLEGAL_VALUE;
+    }
 
     if (!nameString.Equals(NS_LITERAL_CSTRING("version")) &&
         !nameString.Equals(NS_LITERAL_CSTRING("status")) &&
         !nameString.Equals(NS_LITERAL_CSTRING("connection")) &&
-        !nameString.Equals(NS_LITERAL_CSTRING("transfer-encoding")) &&
         !nameString.Equals(NS_LITERAL_CSTRING("keep-alive"))) {
       nsDependentCSubstring valueString =
         Substring (reinterpret_cast<const char *>(nvpair) + 4 + nameLen,
                    reinterpret_cast<const char *>(nvpair) + 4 + nameLen +
                    valueLen);
       
       mFlatHTTPResponseHeaders.Append(nameString);
       mFlatHTTPResponseHeaders.Append(NS_LITERAL_CSTRING(": "));
--- a/netwerk/protocol/http/SpdyStream.cpp
+++ b/netwerk/protocol/http/SpdyStream.cpp
@@ -375,17 +375,17 @@ SpdyStream::ParseHttpRequestHeaders(cons
     // all header names are lower case in spdy
     ToLowerCase(name);
 
     if (name.Equals("method") ||
         name.Equals("version") ||
         name.Equals("scheme") ||
         name.Equals("keep-alive") ||
         name.Equals("accept-encoding") ||
-        name.Equals("TE") ||
+        name.Equals("te") ||
         name.Equals("connection") ||
         name.Equals("proxy-connection") ||
         name.Equals("url"))
       continue;
     
     nsCString *val = hdrHash.Get(name);
     if (!val) {
       val = new nsCString();