You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With headers such as CSP, they tend to be long and hence people naturally break them over multiple lines in config. That then breaks the service as headers with newline/carriage return violate HTTP spec. Seems especially troublesome in HTTP/2.
Attached patch will sanitize the headers and remove the offending characters.
With headers such as CSP, they tend to be long and hence people naturally break them over multiple lines in config. That then breaks the service as headers with newline/carriage return violate HTTP spec. Seems especially troublesome in HTTP/2.
Attached patch will sanitize the headers and remove the offending characters.
patchfile.txt
(Sorry about the patchfile, didn't have permissions to create a branch and PR etc. The fix is very simple however.)
The text was updated successfully, but these errors were encountered: