Envoy forward invalid header http2 request to upstream server #31529
Comments
|
I guess the UHV is going to help here. But I don't think it fixed the case you talk about cc @yanavlasov |
|
Hi @soulxu , Seems @yanavlasov commit did not touch that part. Regards, |
|
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
stale
|
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions. |
Description:
As I know, the PR #23267/ #23266 intended to keep compatibility on legacy test and system.
However, it still does not follow to standard RFC9113
Moreover, according to https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2.6
Intermediaries that process HTTP requests or responses (i.e., any
intermediary not acting as a tunnel) MUST NOT forward a malformed
request or response.
So should envoy reject the invalid/malformed http2 request by default? or at least envoy should have a parameter/flag which allows turn on/off of http2 validation?
The text was updated successfully, but these errors were encountered: