Fix handling of GET requests by MASQUE
cl/360292410 introduced a regression that made MASQUE not properly handle GETs. Clearly I need to add real test coverage in MASQUE in general, but I'd like to land this first to unblock the hackathon. This code is not used in production.
PiperOrigin-RevId: 361008484
Change-Id: I309cc0ffc1eb5916854722af3273ef68d1634ffa
diff --git a/quic/masque/masque_server_backend.cc b/quic/masque/masque_server_backend.cc
index 6c7f7e1..403ddf2 100644
--- a/quic/masque/masque_server_backend.cc
+++ b/quic/masque/masque_server_backend.cc
@@ -21,20 +21,23 @@
const spdy::Http2HeaderBlock& request_headers,
const std::string& request_body,
QuicSimpleServerBackend::RequestHandler* request_handler) {
+ auto method_pair = request_headers.find(":method");
+ if (method_pair == request_headers.end()) {
+ // Request is missing a method.
+ return false;
+ }
+ absl::string_view method = method_pair->second;
std::string masque_path = "";
if (masque_mode_ == MasqueMode::kLegacy) {
auto path_pair = request_headers.find(":path");
- auto method_pair = request_headers.find(":method");
auto scheme_pair = request_headers.find(":scheme");
if (path_pair == request_headers.end() ||
- method_pair == request_headers.end() ||
scheme_pair == request_headers.end()) {
// This request is missing required headers.
return false;
}
absl::string_view path = path_pair->second;
absl::string_view scheme = scheme_pair->second;
- absl::string_view method = method_pair->second;
if (scheme != "https" || method != "POST" || request_body.empty()) {
// MASQUE requests MUST be a non-empty https POST.
return false;
@@ -45,6 +48,12 @@
return false;
}
masque_path = std::string(path.substr(sizeof("/.well-known/masque/") - 1));
+ } else {
+ QUICHE_DCHECK_EQ(masque_mode_, MasqueMode::kOpen);
+ if (method != "CONNECT-UDP") {
+ // This is not a MASQUE request.
+ return false;
+ }
}
if (!server_authority_.empty()) {
