Skip to content

More validation of HTTP/1.1 messages

Pre-release
Pre-release
Compare
Choose a tag to compare
@graebm graebm released this 29 Apr 23:49
· 139 commits to main since this release
v0.6.4
fa1692a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode. 
More validation of HTTP/1.1 messages. (#321)

Add validation for the following, according to the ABNF defined in RFC-7230.
- header field-names
- header field-values
- request method
- request-path aka URI
- response reason-phrase

Previously, we did an OK job validating incoming messages, but did no validation whatsoever of outgoing messages.

Caveats:
- URI validation is extremely basic for now.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Assets 2
Loading