Commit c50b878c authored by Daniel Stenberg

CONNECT: reject TE or CL in 2xx responses

A server MUST NOT send any Transfer-Encoding or Content-Length header
fields in a 2xx (Successful) response to CONNECT. (RFC 7231 section
4.3.6)

Also fixes the three test cases that did this.
parent aab33215
+17 −0
@@ -529,6 +529,15 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
                      return result;
                  }
                  else if(checkprefix("Content-Length:", line_start)) {
                    if(k->httpcode/100 == 2) {
                      /* A server MUST NOT send any Transfer-Encoding or
                         Content-Length header fields in a 2xx (Successful)
                         response to CONNECT. (RFC 7231 section 4.3.6) */
                      failf(data, "Content-Length: in %03d response",
                            k->httpcode);
                      return CURLE_RECV_ERROR;
                    }

                    cl = curlx_strtoofft(line_start +
                                         strlen("Content-Length:"), NULL, 10);
                  }
@@ -538,6 +547,14 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
                  else if(Curl_compareheader(line_start,
                                             "Transfer-Encoding:",
                                             "chunked")) {
                    if(k->httpcode/100 == 2) {
                      /* A server MUST NOT send any Transfer-Encoding or
                         Content-Length header fields in a 2xx (Successful)
                         response to CONNECT. (RFC 7231 section 4.3.6) */
                      failf(data, "Transfer-Encoding: in %03d response",
                            k->httpcode);
                      return CURLE_RECV_ERROR;
                    }
                    infof(data, "CONNECT responded chunked\n");
                    chunked_encoding = TRUE;
                    /* init our chunky engine */
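Review bot: Both new `if(k->httpcode/100 == 2)` branches abort the tunnel with `return CURLE_RECV_ERROR;`, but the RFC 7231 section 4.3.6 that the comment quotes also says a client MUST ignore any Content-Length or Transfer-Encoding received in a successful CONNECT response, so the hard failure is stricter than the spec and fails the transfer against any proxy that adds these fields. The protective goal, never letting a 2xx CONNECT response declare a body so that tunnel bytes are consumed as proxy response body, is met equally by skipping the field: replace the `failf`/`return` pair with `infof(data, "Ignoring Content-Length in CONNECT %03d response\n", k->httpcode);`, move the `cl = curlx_strtoofft(...)` assignment into an `else`, and likewise leave `chunked_encoding` unset in the second hunk. The second check also sits inside the `Curl_compareheader(line_start, "Transfer-Encoding:", "chunked")` branch, so a 2xx response carrying any other Transfer-Encoding value is not covered by it although the comment says "any". Curl_proxyCONNECT starts and ends outside both hunks, so how `cl` and `chunked_encoding` are consumed afterwards is not visible here.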
+5 −7
@@ -19,18 +19,16 @@ Content-Length: 27
This is all fine and dandy
</data>

# This is the CONNECT response
<connect1001>
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27

This is all fine and dandy
</connect1001>

<datacheck>
HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
Content-Length: 27

HTTP/1.1 200 We are fine and cool
Server: Apache/1.3.27 (Dorw1n) PHP/44.1.2
+0 −2
@@ -23,14 +23,12 @@ mooooooo
<connect>
HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 0

</connect>

<datacheck>
HTTP/1.1 200 welcome dear
Date: Thu, 09 Nov 2010 14:49:00 GMT
Content-Length: 0

HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
+0 −2
@@ -14,7 +14,6 @@ CURLOPT_PROXYHEADER
<reply>
<connect>
HTTP/1.1 200 OK
Content-Length: 17

</connect>
<data>
@@ -26,7 +25,6 @@ ETag: "21025-dc7-39462498"
</data>
<datacheck>
HTTP/1.1 200 OK
Content-Length: 17

HTTP/1.1 200 OK swsclose
Date: Thu, 09 Nov 2010 14:49:00 GMT