Commit Graph

10 Commits

Author SHA1 Message Date
Tatsuhiro Tsujikawa 6b7ade9f3f Require python3 for python scripts 2020-12-29 17:35:55 +09:00
Tatsuhiro Tsujikawa 33f6e90a56 Add NGHTTP2_TOKEN__PROTOCOL 2018-09-23 10:36:30 +09:00
Wenfeng Liu e0119452a3 Use memeq() instead of lstreq() in lookup_token(). 2016-08-09 04:15:38 +00:00
Wenfeng Liu af9aeee752 1. Modify genlibtokenlookup.py to remove redundant header comparisons.
2. Remove inline qualifier of lookup_token() in genlibtokenlookup.py.
2016-08-05 09:56:15 +00:00
Tatsuhiro Tsujikawa 3db9c2c796 Remove extra tokenization of header names; they are not effective at best 2016-03-12 21:13:09 +09:00
Tatsuhiro Tsujikawa ff0d137fb3 Reference counted HPACK name/value pair 2016-03-12 21:12:27 +09:00
Tatsuhiro Tsujikawa 7921029e33 Tokenize extra HTTP header fields
The extra HTTP header fields are compiled from
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers,
https://en.wikipedia.org/wiki/List_of_HTTP_header_fields, and
https://www.owasp.org/index.php/List_of_useful_HTTP_headers.
2016-02-20 23:30:02 +09:00
Tatsuhiro Tsujikawa 93afbc7d2f Rewrite static header table handling
We rewrite static header table handling in nghttp2_hd.c.  We expand
nghttp2_token to include all static header table entries, and fully
use them in header compression and decompression.  The lookup function
is now located in nghttp2_hd.c.  We add new nghttp2_hd_inflate_hd2()
function to export token value for header name, then we pass it to
nghttp2_http_on_header function, so that we don't have to look up
token there.  We carefully set enum value of token to static table
index, so looking up static table is now O(1), assuming we have token.
2015-04-15 23:58:56 +09:00
Tatsuhiro Tsujikawa 6893608ae2 Use literal instead of computed value in token lookup 2015-03-21 23:03:37 +09:00
Tatsuhiro Tsujikawa b157d4ebb2 Validate HTTP semantics by default
Previously we did not check HTTP semantics and it is left out for
application.  Although checking is relatively easy, but they are
scattered and error prone.  We have implemented these checks in our
applications and also feel they are tedious.  To make application
development a bit easier, this commit adds basic HTTP semantics
validation to library code.  We do following checks:

server:

* HEADERS is either request header or trailer header.  Other type of
header is disallowed.

client:

* HEADERS is either zero or more non-final response header or final
  response header or trailer header.  Other type of header is
  disallowed.

For both:

* Check mandatory pseudo header fields.
* Make sure that content-length matches the amount of DATA we
  received.

If validation fails, RST_STREAM of type PROTOCOL_ERROR is issued.
2015-02-20 01:01:10 +09:00