From 823b69a03811b71e0c2ffdfbfc36a1f88b1d72f8 Mon Sep 17 00:00:00 2001 From: corentin Date: Tue, 9 Dec 2025 16:52:27 +0100 Subject: [PATCH] Fix http2 content-length header check (#12747) Fix issue where in HTTP2 response defined to have no payload like HEAD or 304 reponse to conditional GET were failing with 502 status when having non-zero Content-Length header. According to the RFC they may have Content-length representing the size the payload would have in the case of a 200 regular GET response. See https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2.6 --- include/proxy/http2/Http2Stream.h | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/include/proxy/http2/Http2Stream.h b/include/proxy/http2/Http2Stream.h index f9961e777bf..72041da297d 100644 --- a/include/proxy/http2/Http2Stream.h +++ b/include/proxy/http2/Http2Stream.h @@ -390,11 +390,21 @@ inline bool Http2Stream::payload_length_is_valid() const { uint32_t content_length = _receive_header.get_content_length(); - if (content_length != 0 && content_length != data_length) { + uint64_t mask = (MIME_PRESENCE_IF_UNMODIFIED_SINCE | MIME_PRESENCE_IF_MODIFIED_SINCE | MIME_PRESENCE_IF_RANGE | + MIME_PRESENCE_IF_MATCH | MIME_PRESENCE_IF_NONE_MATCH); + + // Skip Content-Length check on [RFC 7230] 3.3.2 conditions + bool is_payload_precluded = + this->is_outbound_connection() && (_send_header.method_get_wksidx() == HTTP_WKSIDX_HEAD || + (_send_header.method_get_wksidx() == HTTP_WKSIDX_GET && _send_header.presence(mask) && + _receive_header.status_get() == HTTPStatus::NOT_MODIFIED)); + + if (content_length != 0 && !is_payload_precluded && content_length != data_length) { Warning("Bad payload length content_length=%d data_legnth=%d session_id=%" PRId64, content_length, static_cast(data_length), _proxy_ssn->connection_id()); + return false; } - return content_length == 0 || content_length == data_length; + return true; } inline bool