haproxy public development tree
Go to file
Christopher Faulet 6e6c7b1284 MEDIUM: http-ana: Refuse invalid 101-switching-protocols responses
A 101-switching-protocols response must contain a Connection header with the
Upgrade option. And this response must only be received from a server if the
client explicitly requested a protocol upgrade. Thus, the request must also
contain a Connection header with the Upgrade option. If not, a
502-bad-gateway response is returned to the client. This way, a tunnel is
only established if both sides are agree.

It is closer to what the RFC says, but it remains a bit flexible because
there is no check on the Upgrade header itself. However, that's probably
enough to ensure a tunnel is not established when not requested.

This one is not tagged as a bug. But it may be backported, at least to
2.3. It relies on :

  * MINOR: htx/http-ana: Save info about Upgrade option in the Connection header
2021-01-28 16:27:48 +01:00
.github CI: Fix DEBUG_STRICT definition for Coverity 2021-01-27 12:45:07 +01:00
contrib MINOR: contrib/prometheus-exporter: use fill_sv_stats for server dump 2021-01-26 09:24:57 +01:00
doc DOC: Improve documentation of the various hdr() fetches 2021-01-26 09:22:43 +01:00
examples CLEANUP: assorted typo fixes in the code and comments 2020-06-26 11:27:28 +02:00
include MINOR: htx/http-ana: Save info about Upgrade option in the Connection header 2021-01-28 16:27:48 +01:00
reg-tests REGTESTS: set_ssl_server_cert.vtc: check the sha1 from the server 2021-01-28 16:00:22 +01:00
scripts BUG/MINOR: reg-tests: fix service dependency script 2021-01-11 14:16:06 +01:00
src MEDIUM: http-ana: Refuse invalid 101-switching-protocols responses 2021-01-28 16:27:48 +01:00
tests MEDIUM: config: remove the deprecated and dangerous global "debug" directive 2020-10-09 19:18:45 +02:00
.cirrus.yml CI: cirrus: drop CentOS 6 builds 2020-12-16 09:21:51 +01:00
.gitattributes MINOR: Commit .gitattributes 2020-09-05 16:21:59 +02:00
.gitignore CLEANUP: Update .gitignore 2020-09-12 13:11:24 +02:00
.travis.yml CI: travis-ci: drop coverity scan builds 2020-12-22 19:39:23 +01:00
BRANCHES DOC: fix some spelling issues over multiple files 2021-01-08 14:53:47 +01:00
CHANGELOG [RELEASE] Released version 2.4-dev6 2021-01-22 16:19:46 +01:00
CONTRIBUTING DOC: fix some spelling issues over multiple files 2021-01-08 14:53:47 +01:00
INSTALL DOC: fix some spelling issues over multiple files 2021-01-08 14:53:47 +01:00
LICENSE
MAINTAINERS DOC: Add maintainers for the Prometheus exporter 2021-01-08 15:14:15 +01:00
Makefile MINOR: build: discard echoing in help target 2021-01-18 08:58:33 +01:00
README DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
ROADMAP DOC: update the outdated ROADMAP file 2019-06-15 21:59:54 +02:00
SUBVERS
VERDATE [RELEASE] Released version 2.4-dev6 2021-01-22 16:19:46 +01:00
VERSION [RELEASE] Released version 2.4-dev6 2021-01-22 16:19:46 +01:00

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)