RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-10 16:00:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
haproxy public development tree
20,490 Commits 3 Branches 372 Tags 58 MiB
C 98.1%
Shell 0.8%
Makefile 0.6%
Python 0.2%
Lua 0.1%
d13a80abb7
Go to file
Willy Tarreau d13a80abb7 BUG/MAJOR: h3: reject header values containing invalid chars 
In practice it's exactly the same for h3 as 54f53ef7c ("BUG/MAJOR: h2:
reject header values containing invalid chars") was for h2: we must
make sure never to accept NUL/CR/LF in any header value because this
may be used to construct splitted headers on the backend. Hence we
apply the same solution. Here pseudo-headers, headers and trailers are
checked separately, which explains why we have 3 locations instead of
2 for h2 (+1 for response which we don't have here).

This is marked major for consistency and due to the impact if abused,
but the reality is that at the time of writing, this problem is limited
by the scarcity of the tools which would permit to build such a request
in the first place. But this may change over time.

This must be backported to 2.6. This depends on the following commit
that exposes the filtering function:

    REORG: http: move has_forbidden_char() from h2.c to http.h
2023-08-08 19:02:24 +02:00
.github CI: explicitely highlight VTest result section if there's something 2023-07-17 15:56:53 +02:00
addons MINOR: tree-wide: use free_acl_cond() where relevant 2023-05-11 15:37:04 +02:00
admin MINOR: acme.sh: add the deploy script for acme.sh in admin directory 2023-04-26 17:32:15 +02:00
dev DEV: add a Lua helper script for SSL keys logging 2023-05-24 16:08:23 +02:00
doc MINOR: acl: add acl() sample fetch 2023-08-01 10:49:06 +02:00
examples EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script 2023-07-11 16:04:22 +02:00
include REORG: http: move has_forbidden_char() from h2.c to http.h 2023-08-08 19:02:24 +02:00
reg-tests REGTESTS: Test SPLICE feature is enabled to execute script about splicing 2023-08-04 15:08:06 +02:00
scripts SCRIPTS: publish-release: update the umask to keep group write access 2023-05-24 22:49:12 +02:00
src BUG/MAJOR: h3: reject header values containing invalid chars 2023-08-08 19:02:24 +02:00
tests TESTS: add a unit test for one_among_mask() 2022-06-21 20:29:57 +02:00
.cirrus.yml CI: cirrus-ci: bump FreeBSD image to 13-1 2023-04-23 09:44:53 +02:00
.gitattributes
.gitignore CONTRIB: Add vi file extensions to .gitignore 2023-06-02 18:14:34 +02:00
.mailmap
.travis.yml
BRANCHES
BSDmakefile BUILD: makefile: commit the tiny FreeBSD makefile stub 2023-05-24 17:17:36 +02:00
CHANGELOG [RELEASE] Released version 2.9-dev2 2023-07-21 20:29:42 +02:00
CONTRIBUTING
INSTALL DOC: install: Document how to build a limited support for QUIC 2023-07-21 20:27:13 +02:00
LICENSE
MAINTAINERS CLEANUP: assorted typo fixes in the code and comments 2022-11-30 14:02:36 +01:00
Makefile MINOR: quic: Split QUIC connection code into three parts 2023-07-27 10:51:03 +02:00
README
SUBVERS
VERDATE [RELEASE] Released version 2.9-dev2 2023-07-21 20:29:42 +02:00
VERSION [RELEASE] Released version 2.9-dev2 2023-07-21 20:29:42 +02:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)