reject connection-specific headers (#173)

- When receiving, return a PROTOCOL_ERROR. - When sending, return a user error about malformed headers. Closes #36
2017-11-14 11:16:29 -08:00
parent 05abb686cf
commit 79003d0d45
6 changed files with 114 additions and 2 deletions
--- a/src/proto/streams/send.rs
+++ b/src/proto/streams/send.rs
@@ -1,3 +1,4 @@
+use http;
 use super::*;
 use codec::{RecvError, UserError};
 use codec::UserError::*;
@@ -56,6 +57,25 @@ impl Send {
            self.init_window_sz
        );

+        // 8.1.2.2. Connection-Specific Header Fields
+        if frame.fields().contains_key(http::header::CONNECTION)
+            || frame.fields().contains_key(http::header::TRANSFER_ENCODING)
+            || frame.fields().contains_key(http::header::UPGRADE)
+            || frame.fields().contains_key("keep-alive")
+            || frame.fields().contains_key("proxy-connection")
+        {
+            debug!("illegal connection-specific headers found");
+            return Err(UserError::MalformedHeaders);
+        } else if let Some(te) = frame.fields().get(http::header::TE) {
+            if te != "trailers" {
+                debug!("illegal connection-specific headers found");
+                return Err(UserError::MalformedHeaders);
+
+            }
+        }
+
+
+
        let end_stream = frame.is_end_stream();

        // Update the state