Google Git
Sign in
quiche/quiche.git/119575695aeda91b9eed9cf4ff507d70108cdc82^!/.
commit
119575695aeda91b9eed9cf4ff507d70108cdc82
[log]
author
haoyuewang <haoyuewang@google.com>
Tue Sep 13 12:04:02 2022 -0700
committer
Copybara-Service <copybara-worker@google.com>
Tue Sep 13 12:06:24 2022 -0700
tree
5d0ad6f9d631790041cf8371b46449574fd3d98b
parent
669f1a5a377126feec928cafaea4428a4cbde666 [diff]
Deprecate --gfe2_reloadable_flag_quic_validate_header_field_value_at_spdy_stream.

PiperOrigin-RevId: 474085897

diff --git a/quiche/quic/core/http/quic_spdy_stream.cc b/quiche/quic/core/http/quic_spdy_stream.cc
index bce3722..44de84c 100644
--- a/quiche/quic/core/http/quic_spdy_stream.cc
+++ b/quiche/quic/core/http/quic_spdy_stream.cc

@@ -625,8 +625,6 @@
                               : header_list.empty();
   if (!AreHeaderFieldValuesValid(header_list)) {
     OnInvalidHeaders();
-    QUIC_RELOADABLE_FLAG_COUNT_N(
-        quic_validate_header_field_value_at_spdy_stream, 2, 2);
     return;
   }
   // Validate request headers if it did not exceed size limit. If it did,
@@ -1571,12 +1569,9 @@
 
 bool QuicSpdyStream::AreHeaderFieldValuesValid(
     const QuicHeaderList& header_list) const {
-  if (!GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream) ||
-      !VersionUsesHttp3(transport_version())) {
+  if (!VersionUsesHttp3(transport_version())) {
     return true;
   }
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_validate_header_field_value_at_spdy_stream,
-                               1, 2);
   // According to https://www.rfc-editor.org/rfc/rfc9114.html#section-10.3
   // "[...] HTTP/3 can transport field values that are not valid. While most
   // values that can be encoded will not alter field parsing, carriage return

diff --git a/quiche/quic/core/qpack/qpack_decoder_test.cc b/quiche/quic/core/qpack/qpack_decoder_test.cc
index ecf3a17..5cfd960 100644
--- a/quiche/quic/core/qpack/qpack_decoder_test.cc
+++ b/quiche/quic/core/qpack/qpack_decoder_test.cc

@@ -223,15 +223,8 @@
 }
 
 TEST_P(QpackDecoderTest, LineFeedInValue) {
-  if (!GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream)) {
-    EXPECT_CALL(handler_,
-                OnDecodingErrorDetected(QUIC_INVALID_CHARACTER_IN_FIELD_VALUE,
-                                        "Invalid character in field value."));
-  } else {
-    EXPECT_CALL(handler_, OnHeaderDecoded(Eq("foo"), Eq("ba\nr")));
-    EXPECT_CALL(handler_, OnDecodingCompleted());
-  }
-
+  EXPECT_CALL(handler_, OnHeaderDecoded(Eq("foo"), Eq("ba\nr")));
+  EXPECT_CALL(handler_, OnDecodingCompleted());
   DecodeHeaderBlock(absl::HexStringToBytes("000023666f6f0462610a72"));
 }
 

diff --git a/quiche/quic/core/qpack/qpack_progressive_decoder.cc b/quiche/quic/core/qpack/qpack_progressive_decoder.cc
index feea62a..5dc5a68 100644
--- a/quiche/quic/core/qpack/qpack_progressive_decoder.cc
+++ b/quiche/quic/core/qpack/qpack_progressive_decoder.cc

@@ -339,31 +339,9 @@
   return true;
 }
 
-bool QpackProgressiveDecoder::OnHeaderDecoded(bool value_from_static_table,
+bool QpackProgressiveDecoder::OnHeaderDecoded(bool /*value_from_static_table*/,
                                               absl::string_view name,
                                               absl::string_view value) {
-  if (!GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream)) {
-    // Skip test for static table entries as they are all known to be valid.
-    if (!value_from_static_table) {
-      // According to Section 10.3 of
-      // https://quicwg.org/base-drafts/draft-ietf-quic-http.html,
-      // "[...] HTTP/3 can transport field values that are not valid. While most
-      // values that can be encoded will not alter field parsing, carriage
-      // return (CR, ASCII 0x0d), line feed (LF, ASCII 0x0a), and the zero
-      // character (NUL, ASCII 0x00) might be exploited by an attacker if they
-      // are translated verbatim. Any request or response that contains a
-      // character not permitted in a field value MUST be treated as malformed
-      // [...]"
-      for (const auto c : value) {
-        if (c == '\0' || c == '\n' || c == '\r') {
-          OnError(QUIC_INVALID_CHARACTER_IN_FIELD_VALUE,
-                  "Invalid character in field value.");
-          return false;
-        }
-      }
-    }
-  }
-
   handler_->OnHeaderDecoded(name, value);
   return true;
 }

diff --git a/quiche/quic/core/quic_flags_list.h b/quiche/quic/core/quic_flags_list.h
index 8f7828c..7c99e37 100644
--- a/quiche/quic/core/quic_flags_list.h
+++ b/quiche/quic/core/quic_flags_list.h

@@ -87,8 +87,6 @@
 QUIC_FLAG(quic_reloadable_flag_quic_connection_migration_use_new_cid_v2, true)
 // If true, uses conservative cwnd gain and pacing gain when cwnd gets bootstrapped.
 QUIC_FLAG(quic_reloadable_flag_quic_conservative_cwnd_and_pacing_gains, false)
-// If true, validate header field character at spdy stream instead of qpack for IETF QUIC.
-QUIC_FLAG(quic_reloadable_flag_quic_validate_header_field_value_at_spdy_stream, true)
 // QuicConnection uses a library to generate connection IDs
 QUIC_FLAG(quic_reloadable_flag_quic_connection_uses_abstract_connection_id_generator, false)
 // QuicDispatcher uses a library to generate connection IDs

diff --git a/quiche/quic/tools/quic_simple_server_stream_test.cc b/quiche/quic/tools/quic_simple_server_stream_test.cc
index 1702ea1..69851f2 100644
--- a/quiche/quic/tools/quic_simple_server_stream_test.cc
+++ b/quiche/quic/tools/quic_simple_server_stream_test.cc

@@ -703,8 +703,7 @@
   // \000 is a way to write the null byte when followed by a literal digit.
   header_list_.OnHeader("content-length", absl::string_view("11\00012", 5));
 
-  if (GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream) &&
-      session_.version().UsesHttp3()) {
+  if (session_.version().UsesHttp3()) {
     EXPECT_CALL(session_,
                 MaybeSendStopSendingFrame(_, QuicResetStreamError::FromInternal(
                                                  QUIC_STREAM_NO_ERROR)));
@@ -725,8 +724,7 @@
   // \000 is a way to write the null byte when followed by a literal digit.
   header_list_.OnHeader("content-length", absl::string_view("\00012", 3));
 
-  if (GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream) &&
-      session_.version().UsesHttp3()) {
+  if (session_.version().UsesHttp3()) {
     EXPECT_CALL(session_,
                 MaybeSendStopSendingFrame(_, QuicResetStreamError::FromInternal(
                                                  QUIC_STREAM_NO_ERROR)));
@@ -747,8 +745,7 @@
   // \000 is a way to write the null byte when followed by a literal digit.
   header_list_.OnHeader("content-length", absl::string_view("11\00011", 5));
 
-  if (GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream) &&
-      session_.version().UsesHttp3()) {
+  if (session_.version().UsesHttp3()) {
     EXPECT_CALL(session_,
                 MaybeSendStopSendingFrame(_, QuicResetStreamError::FromInternal(
                                                  QUIC_STREAM_NO_ERROR)));
@@ -760,8 +757,7 @@
 
   stream_->OnStreamHeaderList(false, kFakeFrameLen, header_list_);
 
-  if (GetQuicReloadableFlag(quic_validate_header_field_value_at_spdy_stream) &&
-      session_.version().UsesHttp3()) {
+  if (session_.version().UsesHttp3()) {
     EXPECT_TRUE(QuicStreamPeer::read_side_closed(stream_));
     EXPECT_TRUE(stream_->reading_stopped());
     EXPECT_TRUE(stream_->write_side_closed());