markt-asf pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 5ced31b4ab Further improvements to CONNECT checks after CoPilot review
5ced31b4ab is described below
commit 5ced31b4ab36455df0abf675230a595472bd058e
Author: Mark Thomas <[email protected]>
AuthorDate: Fri Apr 24 15:06:43 2026 +0100
Further improvements to CONNECT checks after CoPilot review
---
java/org/apache/coyote/http2/Stream.java | 9 +++++++--
.../apache/coyote/http2/TestHttp2Section_8_5.java | 20 ++++++++++++++++++++
2 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/coyote/http2/Stream.java
b/java/org/apache/coyote/http2/Stream.java
index 67f5b881fa..e52cc9c2aa 100644
--- a/java/org/apache/coyote/http2/Stream.java
+++ b/java/org/apache/coyote/http2/Stream.java
@@ -589,11 +589,16 @@ class Stream extends AbstractNonZeroStream implements
HeaderEmitter {
if (coyoteRequest.getMethod() == null) {
missingHeader = true;
} else if (Method.CONNECT.equals(coyoteRequest.getMethod())) {
+ // CONNECT only
if (!coyoteRequest.scheme().isNull() ||
!coyoteRequest.requestURI().isNull()) {
- throw new
StreamException(sm.getString("stream.header.invalidConnect", getConnectionId(),
+ throw new
StreamException(sm.getString("stream.header.invalidConnect", getConnectionId(),
getIdAsString()), Http2Error.PROTOCOL_ERROR,
getIdAsInt());
}
- } else if (!Method.CONNECT.equals(coyoteRequest.getMethod())) {
+ if (coyoteRequest.serverName().isNull()) {
+ missingHeader = true;
+ }
+ } else {
+ // All other methods
if (coyoteRequest.scheme().isNull() ||
coyoteRequest.requestURI().isNull()) {
missingHeader = true;
}
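Review bot: The new `coyoteRequest.serverName().isNull()` test in the CONNECT branch checks for `:authority` only indirectly, and the hunk does not show what else can populate `serverName`. If a regular `host` header can also set it (not visible here, so worth confirming), a CONNECT carrying `host` but no `:authority` would pass this check, and so would a value without a port, although RFC 9113 section 8.5 describes `:authority` as host and port. I would at least record the intent in place of `// CONNECT only`, for example `// CONNECT (RFC 9113, 8.5): :scheme and :path must be absent, :authority must be present`, and note next to the `serverName()` test what it relies on. The enclosing method starts and ends outside the hunk, so how `missingHeader` is turned into an error is not visible from here.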
diff --git a/test/org/apache/coyote/http2/TestHttp2Section_8_5.java
b/test/org/apache/coyote/http2/TestHttp2Section_8_5.java
index f7bd35e474..52cd5de31f 100644
--- a/test/org/apache/coyote/http2/TestHttp2Section_8_5.java
+++ b/test/org/apache/coyote/http2/TestHttp2Section_8_5.java
@@ -61,4 +61,24 @@ public class TestHttp2Section_8_5 extends Http2TestBase {
Assert.assertEquals("3-RST-[1]\n", output.getTrace());
}
+
+
+ @Test
+ public void testConnectWithoutAuthority() throws Exception {
+ http2Connect();
+
+ byte[] frameHeader = new byte[9];
+ ByteBuffer headersPayload = ByteBuffer.allocate(128);
+
+ List<Header> headers = new ArrayList<>(4);
+ headers.add(new Header(":method", Method.CONNECT));
+
+ buildGetRequest(frameHeader, headersPayload, null, headers, 3);
+
+ writeFrame(frameHeader, headersPayload);
+
+ parser.readFrame();
+
+ Assert.assertEquals("3-RST-[1]\n", output.getTrace());
+ }
}
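Review bot: `testConnectWithoutAuthority` pins only the bare case, a CONNECT with `:method` and nothing else, so it would still pass if the authority check could be satisfied by something other than `:authority`. A companion case that adds a plain `host` header but no `:authority` would cover that. A second one with a well-formed CONNECT (`:method` plus `:authority` only) that is expected not to end in `3-RST-[1]` would pin the accepting side; other tests in this class may already cover it, which is not visible in this hunk. A one-line comment above the assertion such as `// Stream 3 reset with error code 1 (PROTOCOL_ERROR)` would also make the expected trace readable without knowing the trace format.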