Google Git
Sign in
quiche/quiche.git/dc02e7f61fb614c44ebe2f8a44672f2ecb25e321^!/.
commit
dc02e7f61fb614c44ebe2f8a44672f2ecb25e321
[log] [tgz]
author
dschinazi <dschinazi@google.com>
Wed Feb 04 08:25:50 2026 -0800
committer
Copybara-Service <copybara-worker@google.com>
Wed Feb 04 08:26:18 2026 -0800
tree
d95d88d1a881e5e6d3b02cf0046e2553932e6353
parent
5519a76cd2a5d50d474ade0de65b04b2b07c9682 [diff]
Add new prober for Chunked OHTTP

This CL intentionally makes this prober use IPv4 so that between the regular "success" prober and this one we get coverage of both IP version.

This CL also fixes a bug in the handling of the use_client_cert_for_key_fetch option.

This CL also fixes a bug in the test client that was causing the private token not to be properly sent for chunked requests.

PiperOrigin-RevId: 865419113

diff --git a/quiche/quic/masque/masque_ohttp_client.cc b/quiche/quic/masque/masque_ohttp_client.cc
index b326cdb..574f9d8 100644
--- a/quiche/quic/masque/masque_ohttp_client.cc
+++ b/quiche/quic/masque/masque_ohttp_client.cc

@@ -331,22 +331,14 @@
   control_data.scheme = url.scheme();
   control_data.authority = url.HostPort();
   control_data.path = url.PathParamsQuery();
-  BinaryHttpRequest binary_request(control_data);
-  binary_request.set_body(post_data);
-  if (!per_request_config.private_token().empty()) {
-    QUICHE_ASSIGN_OR_RETURN(
-        std::string formatted_token,
-        FormatPrivateToken(per_request_config.private_token()));
-    binary_request.AddHeaderField({"authorization", formatted_token});
-  }
-  absl::StatusOr<std::string> encoded_request = binary_request.Serialize();
-  if (!encoded_request.ok()) {
-    return absl::InternalError(
-        absl::StrCat("Failed to serialize OHTTP request: ",
-                     encoded_request.status().message()));
-  }
   std::string encrypted_data;
   PendingRequest pending_request(per_request_config);
+  std::string formatted_token;
+  if (!per_request_config.private_token().empty()) {
+    QUICHE_ASSIGN_OR_RETURN(
+        formatted_token,
+        FormatPrivateToken(per_request_config.private_token()));
+  }
   if (!ohttp_client_.has_value()) {
     QUICHE_LOG(FATAL) << "Cannot send OHTTP request without OHTTP client";
     return absl::InternalError(
@@ -369,6 +361,9 @@
     QUICHE_ASSIGN_OR_RETURN(std::string encoded_data,
                             encoder.EncodeControlData(control_data));
     std::vector<quiche::BinaryHttpMessage::FieldView> headers;
+    if (!formatted_token.empty()) {
+      headers.push_back({"authorization", formatted_token});
+    }
     QUICHE_ASSIGN_OR_RETURN(std::string encoded_headers,
                             encoder.EncodeHeaders(absl::MakeSpan(headers)));
     encoded_data += encoded_headers;
@@ -412,6 +407,17 @@
 
     pending_request.chunk_handler->SetChunkedClient(std::move(*chunked_client));
   } else {
+    BinaryHttpRequest binary_request(control_data);
+    binary_request.set_body(post_data);
+    if (!formatted_token.empty()) {
+      binary_request.AddHeaderField({"authorization", formatted_token});
+    }
+    absl::StatusOr<std::string> encoded_request = binary_request.Serialize();
+    if (!encoded_request.ok()) {
+      return absl::InternalError(
+          absl::StrCat("Failed to serialize OHTTP request: ",
+                       encoded_request.status().message()));
+    }
     absl::StatusOr<ObliviousHttpRequest> ohttp_request =
         ohttp_client_->CreateObliviousHttpRequest(*encoded_request);
     if (!ohttp_request.ok()) {