http: improve buffer reuse for heeaders, and discard unused bodies - nng - A mirror of https://github.com/nanomsg/nng

diff options

author	Garrett D'Amore <garrett@damore.org>	2025-01-11 13:29:23 -0800
committer	Garrett D'Amore <garrett@damore.org>	2025-01-11 13:29:23 -0800
commit	b16e6ebf05429cb4ac29b3a5a5c9758fa362c78a (patch)
tree	9f0c21017de2fd17b0c8f2c9a9621d78849861bf /src/core
parent	588611e180f2e47caa778a6265b1d7f73b90648a (diff)
download	nng-b16e6ebf05429cb4ac29b3a5a5c9758fa362c78a.tar.gz nng-b16e6ebf05429cb4ac29b3a5a5c9758fa362c78a.tar.bz2 nng-b16e6ebf05429cb4ac29b3a5a5c9758fa362c78a.zip

http: improve buffer reuse for heeaders, and discard unused bodies

The body content not being consumed was leading to misparses, where we consumed body data as if it were a request. When mixed with proxies this could lead to a security problem where the following request content submitted from a different client winds up as stolen request body content. This also ensures we actually deliver errors to clients without prematurely closing the connection. (There are still problems where the connection may be closed prematurely for an overlarge header.)

Diffstat (limited to 'src/core')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: