RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-17 00:44:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
e5ff4addb2
haproxy/include
History
Christopher Faulet 89aed32bff MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade 
By default, HAProxy is able to implicitly upgrade an H1 client connection to an
H2 connection if the first request it receives from a given HTTP connection
matches the HTTP/2 connection preface. This way, it is possible to support H1
and H2 clients on a non-SSL connections. It could be a problem if for any
reason, the H2 upgrade is not acceptable. "option disable-h2-upgrade" may now be
used to disable it, per proxy. The main puprose of this option is to let an
admin to totally disable the H2 support for security reasons. Recently, a
critical issue in the HPACK decoder was fixed, forcing everyone to upgrade their
HAProxy version to fix the bug. It is possible to disable H2 for SSL
connections, but not on clear ones. This option would have been a viable
workaround.
2020-06-03 10:23:39 +02:00
..
common CLEANUP: regex: remove outdated support for regex actions 2020-06-02 17:17:13 +02:00
import
proto MINOR: ring: re-work ring attach generic API. 2020-05-31 10:37:31 +02:00
types MINOR: mux-h1/proxy: Add a proxy option to disable clear h2 upgrade 2020-06-03 10:23:39 +02:00