Allows "classic" CONNECT request headers even when the extended connection option has been set. PiperOrigin-RevId: 450736697
diff --git a/quiche/http2/adapter/header_validator.cc b/quiche/http2/adapter/header_validator.cc index 972b0c6..67d543a 100644 --- a/quiche/http2/adapter/header_validator.cc +++ b/quiche/http2/adapter/header_validator.cc
@@ -96,14 +96,15 @@ static const std::vector<std::string>* kExtendedConnectHeaders = new std::vector<std::string>( {":authority", ":method", ":path", ":protocol", ":scheme"}); - return pseudo_headers == *kExtendedConnectHeaders; - } else { - // See RFC 7540 Section 8.3. - static const std::vector<std::string>* kConnectHeaders = - new std::vector<std::string>({":authority", ":method"}); - return authority.has_value() && !authority.value().empty() && - pseudo_headers == *kConnectHeaders; + if (pseudo_headers == *kExtendedConnectHeaders) { + return true; + } } + // See RFC 7540 Section 8.3. + static const std::vector<std::string>* kConnectHeaders = + new std::vector<std::string>({":authority", ":method"}); + return authority.has_value() && !authority.value().empty() && + pseudo_headers == *kConnectHeaders; } if (path.empty()) {
diff --git a/quiche/http2/adapter/header_validator_test.cc b/quiche/http2/adapter/header_validator_test.cc index fc3e207..6e446f2 100644 --- a/quiche/http2/adapter/header_validator_test.cc +++ b/quiche/http2/adapter/header_validator_test.cc
@@ -303,6 +303,15 @@ EXPECT_EQ(HeaderValidator::HEADER_OK, v.ValidateSingleHeader(":method", "CONNECT")); EXPECT_TRUE(v.FinishHeaderBlock(HeaderType::REQUEST)); + + v.SetAllowExtendedConnect(); + // "Classic" CONNECT headers should still be accepted. + v.StartHeaderBlock(); + EXPECT_EQ(HeaderValidator::HEADER_OK, + v.ValidateSingleHeader(":authority", "athena.dialup.mit.edu:23")); + EXPECT_EQ(HeaderValidator::HEADER_OK, + v.ValidateSingleHeader(":method", "CONNECT")); + EXPECT_TRUE(v.FinishHeaderBlock(HeaderType::REQUEST)); } TEST(HeaderValidatorTest, WebsocketPseudoHeaders) {