envoyproxy/envoy

IPv6 Host format is not validated before it is propagated to :authority

Open

#22,859 创建于 2022年8月26日

在 GitHub 查看
 (27 评论) (0 反应) (2 负责人)C++ (5,373 fork)batch import
area/httpbeginnerbughelp wantedno stalebot

仓库指标

Star
 (27,997 star)
PR 合并指标
 (平均合并 8天) (30 天内合并 378 个 PR)

描述

Hello everyone. I have noticed that in IPv6, when Envoy translates a request to HTTP2 , Envoy does not seem to check and verify the host address format before propagating the value to the :authority pseudo-header. Host addresses like "2001:db8::2:1:443" (it does not adhere to the [ip]:port format) are applied as "they-are" in the :authority header. Keep in mind that RFC3986 states the following about host header:

A host identified by an Internet Protocol literal address, version 6 [RFC3513] or later, is distinguished by enclosing the IP literal within square brackets ("[" and "]").

Therefore I would expect that non-rfc3986-compliant headers would lead to an error and not be propagated to :authority as part of the conversion from http1 to http2. For your reference, RFC7230 mentioned host header handling in case of invalid values.

A server MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message that lacks a Host header field and to any request message that contains more than one Host header field or a Host header field with an invalid field-value.

Is the current behavior intentional or is there an actual issue? If needed I can provide some steps to reproduce the behavior by using Istio. I have verified the behavior on Envoy 1.22.2

贡献者指南