git.kaiwu.me - nginx.git/commit

]> git.kaiwu.me - nginx.git/commit

projects / nginx.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 3739fe9) | patch

author	Roman Arutyunyan <arut@nginx.com>
	Thu, 26 Jun 2025 16:19:59 +0000 (20:19 +0400)
committer	Roman Arutyunyan <arutyunyan.roman@gmail.com>
	Thu, 24 Jul 2025 16:15:55 +0000 (20:15 +0400)
commit	4da771108282cd233ddc37f83ba8bd01981beeb7
tree	1543e2612cf464f8bced1ff4327ffd76923f4c33	tree \| snapshot
parent	3739fe94d1c3c844708b219776f1921bff16b56f	commit \| diff

HTTP/3: fixed handling of :authority and Host with port.

RFC 9114, Section 4.3.1. specifies a restriction for :authority and Host
coexistence in an HTTP/3 request:

: If both fields are present, they MUST contain the same value.

Previously, this restriction was correctly enforced only for portless
values. When Host contained a port, the request failed as if :authority
and Host were different, regardless of :authority presence.

This happens because the value of r->headers_in.server used for :authority
has port stripped. The fix is to use r->host_start / r->host_end instead.

src/http/v3/ngx_http_v3_request.c

diff | blob | history

nginx upstream