On Thu, Dec 15, 2022 at 09:03:18AM +0100, Amaury Denoyelle wrote:
> On Thu, Dec 15, 2022 at 08:58:16AM +0100, Amaury Denoyelle wrote:
> > On Wed, Dec 14, 2022 at 11:20:44PM -0700, Shawn Heisey wrote:
> > > On 12/14/22 21:23, Илья Шипицин wrote:
> > > > Can you try to bisect?
> > > I had made some incorrect assumptions about what's needed to use
> > > bisect. With a little bit of research I figured it out and it was a
> > > LOT easier than I had imagined.
> > > > I suspect that it won't help, browsers tend to remember things in
> > > > their own way
> > > One thing I have learned in my testing is that doing shift-reload on
> > > the page means it will never switch to h3. So I use shift-reload
> > > followed by a couple of regular reloads as a way of resetting what
> > > the browser remembers. That seems to work.
> > > The bisect process only took a few runs to find the problem commit:
> > > 3ca4223c5e1f18a19dc93b0b09ffdbd295554d46 is the first bad commit
> > > commit 3ca4223c5e1f18a19dc93b0b09ffdbd295554d46
> > > Author: Amaury Denoyelle <adenoye...@haproxy.com>
> > > Date: Wed Dec 7 14:31:42 2022 +0100
> > > BUG/MEDIUM: h3: reject request with invalid header name
> > > [...]
> > I seem to be able to reach your website with H3 currently. Did you
> > revert to an older version ? Regarding this commit, it rejects requests
> > with invalid headers (with uppercase or non-HTTP tokens in the field
> > name). Have you tried with several browsers and with command-line
> > clients ?
> > I will look on my side to see if I missed something.
> With a local instance of nextcloud I am able to reproduce a bug linked
> to this commit with caused the deactivation of H3. I'm investigating on
> it...
The issue seems to be triggered by request with a cookie header. Can you
please apply the following patch on top of the master branch and confirm
me if this resolves your issue ? Thanks.
--
Amaury Denoyelle
>From 603a919c8b0cea75516571c27e427960e85fae72 Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle <adenoye...@haproxy.com>
Date: Thu, 15 Dec 2022 09:18:25 +0100
Subject: [PATCH] BUG/MEDIUM: h3: fix cookie header parsing
---
src/h3.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/h3.c b/src/h3.c
index d24b3de5f..10d19e2cd 100644
--- a/src/h3.c
+++ b/src/h3.c
@@ -544,6 +544,7 @@ static ssize_t h3_headers_to_htx(struct qcs *qcs, const
struct buffer *buf,
if (isteq(list[hdr_idx].n, ist("cookie"))) {
http_cookie_register(list, hdr_idx, &cookie,
&last_cookie);
+ ++hdr_idx;
continue;
}
else if (isteq(list[hdr_idx].n, ist("content-length"))) {
--
2.39.0
