BUG/MEDIUM: http-htx: Don't use data from HTX message to update authority

When a host header value is updated, the authority can also be updated
accordingly. When it is performed, we must not use the new host header value
from the HTX message. Instead we must use the data passed as argument. It is
unexpected but the host header can have several comma-separated values.
Using the full header value can lead to unexpected result.

Note: having multiple comma-separated values for the host header should not
      be supported. The comma should be part of the host value. But it is
      quite ambiguous. This will be fixed in another commit.

This patch must be backported to all stable versions.

diff --git a/src/http_htx.c b/src/http_htx.c
index c803563645b3066c87edec227e8d4431dd8efeb5..c25ab6991743bf9998e55d3e38d138631a4926c2 100644 (file)
--- a/src/http_htx.c
+++ b/src/http_htx.c
@@ -669,7 +669,6 @@ int http_replace_header_value(struct htx *htx, struct http_hdr_ctx *ctx, const s
        blk = htx_replace_blk_value(htx, blk, ist2(start, len), data);
        if (!blk)
                goto fail;
-
        v = htx_get_blk_value(htx, blk);
 
        sl = http_get_stline(htx);
@@ -677,7 +676,7 @@ int http_replace_header_value(struct htx *htx, struct http_hdr_ctx *ctx, const s
                struct ist n = htx_get_blk_name(htx, blk);
 
                if (isteq(n, ist("host"))) {
-                       if (!http_update_authority(htx, sl, v))
+                       if (!http_update_authority(htx, sl, data))
                                goto fail;
                        ctx->blk = NULL;
                        http_find_header(htx, ist("host"), ctx, 1);