git.kaiwu.me - haproxy.git/commit

]> git.kaiwu.me - haproxy.git/commit

projects / haproxy.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 88765b6) | patch

author	Christopher Faulet <cfaulet@haproxy.com>
	Wed, 25 Feb 2026 15:00:39 +0000 (16:00 +0100)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Thu, 5 Mar 2026 14:34:46 +0000 (15:34 +0100)
commit	7a474855b4e676e8f37ee7365606e93cff9b9933
tree	4c45038ef4f41f0abb9cb76d2fc5bdae4c4784e9	tree \| snapshot
parent	88765b69e0f6b80b9330f65955d62d884d3e6388	commit \| diff

BUG/MINOR: h1-htx: Be sure that H1 response version starts by "HTTP/"

When the response is parsed, we test the version to be sure it is
valid. However, the protocol was not tested. Now we take care that the
response version starts by "HTTP/", otherwise an error is returned.

Of course, it is still possible to by-pass this test with
"accept-unsafe-violations-in-http-response" option.

This patch could be backported to all stable versions.

diff | blob | history

haproxy upstream