actix/actix-web
1
0
Fork 0
mirror of https://github.com/fafhrd91/actix-web synced 2025-06-26 15:07:42 +02:00
Code Issues Releases Wiki Activity

fix parsing ambiguities for HTTP/1.0 requests (#2794)

Browse Source 
* fix HRS vuln when first CL header is 0

* ignore TE headers in http/1.0 reqs

* update changelog

* disallow HTTP/1.0 requests without a CL header

* fix test

* broken fix for http1.0 post requests
This commit is contained in:
Rob Ede
2022-07-01 08:23:40 +01:00
committed by GitHub
parent c6eba2da9b
commit 8f9a12ed5d
2 changed files with 142 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
actix-http/CHANGES.md
View File

@ -1,6 +1,10 @@
# Changes
## Unreleased - 2022-xx-xx
### Fixed
- Fix parsing ambiguity in Transfer-Encoding and Content-Length headers for HTTP/1.0 requests. [#2794]
[#2794]: https://github.com/actix/actix-web/pull/2794
## 3.2.0 - 2022-06-30