net/http: validate transmitted header fields - go - Fork of Go programming language with my patches.

diff options

author	Brad Fitzpatrick <bradfitz@golang.org>	2016-03-31 14:33:46 +1100
committer	Brad Fitzpatrick <bradfitz@golang.org>	2016-03-31 04:55:58 +0000
commit	0026cb788b54e3108534992d98b7fec0cf96de17 (patch)
tree	8a7665cd739b9f00e12bd3dc6747cba890ff02e3 /src/net/http/readrequest_test.go
parent	b4117995e3e01a669be737c36033c2393858d555 (diff)
download	go-0026cb788b54e3108534992d98b7fec0cf96de17.tar.xz

net/http: validate transmitted header fields

This makes sure the net/http package never attempts to transmit a bogus header field key or value and instead fails fast with an error to the user, rather than relying on the server to maybe return an error. It's still possible to use x/net/http2.Transport directly to send bogus stuff. This change only stops h1 & h2 usage via the net/http package. A future change will update x/net/http2. This change also moves some code from request.go to lex.go, which in a separate future change should be moved so it can be shared with http2 to reduce code bloat. Updates #14048 Change-Id: I0a44ae1ab357fbfcbe037aa4b5d50669a87f2856 Reviewed-on: https://go-review.googlesource.com/21326 Reviewed-by: Andrew Gerrand <adg@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>

Diffstat (limited to 'src/net/http/readrequest_test.go')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: