Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow insecure-http-header parsing to be requested per server #31440

Closed
sam-github opened this issue Jan 21, 2020 · 2 comments
Closed

allow insecure-http-header parsing to be requested per server #31440

sam-github opened this issue Jan 21, 2020 · 2 comments
Assignees
Labels
http Issues or PRs related to the http subsystem.

Comments

@sam-github
Copy link
Contributor

Is your feature request related to a problem? Please describe.
Please describe the problem you are trying to solve.

Some servers deviate from HTTP spec enougth that Node.js can't communicate with them, but "work" when --insecure-http-parser is enabled globally. It would be useful to be able to use this mode, as a client, only when connecting to known bad servers.

See: #30567 (comment)

cc: @addaleax

@sam-github sam-github added the http Issues or PRs related to the http subsystem. label Jan 21, 2020
@addaleax
Copy link
Member

addaleax commented Jan 21, 2020

Sounds good! I’m assuming we could implement this the same way we’re doing it for maxHeaderSize? I’m happy to take this on if you like.

@sam-github
Copy link
Contributor Author

The global flag was a necessity, IMO, see #30567 (comment), but per connection would be nice, too.

@addaleax To be clear, I'm not personally requesting this. It seems like a nice API addition, and at least 1 person has asked for it , and you mentioned an interest, but maybe its a good first contribution for someone else. As you wish.

@addaleax addaleax self-assigned this Jan 21, 2020
addaleax added a commit to addaleax/node that referenced this issue Jan 21, 2020
From the issue:

> Some servers deviate from HTTP spec enougth that Node.js can't
> communicate with them, but "work" when `--insecure-http-parser`
> is enabled globally. It would be useful to be able to use this
> mode, as a client, only when connecting to known bad servers.

This is largely equivalent to nodejs#31446
in terms of code changes.

Fixes: nodejs#31440
Refs: nodejs#31446
addaleax added a commit to sam-github/node that referenced this issue Jan 24, 2020
From the issue:

> Some servers deviate from HTTP spec enougth that Node.js can't
> communicate with them, but "work" when `--insecure-http-parser`
> is enabled globally. It would be useful to be able to use this
> mode, as a client, only when connecting to known bad servers.

This is largely equivalent to nodejs#31446
in terms of code changes.

Fixes: nodejs#31440
Refs: nodejs#31446

PR-URL: nodejs#31448
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
addaleax added a commit to addaleax/node that referenced this issue Jan 24, 2020
From the issue:

> Some servers deviate from HTTP spec enougth that Node.js can't
> communicate with them, but "work" when `--insecure-http-parser`
> is enabled globally. It would be useful to be able to use this
> mode, as a client, only when connecting to known bad servers.

This is largely equivalent to nodejs#31446
in terms of code changes.

Fixes: nodejs#31440
Refs: nodejs#31446

PR-URL: nodejs#31448
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
zsw007 added a commit to ibmruntimes/node that referenced this issue Feb 11, 2020
Backport 7fc5656

Original commit message:

    From the issue:

    > Some servers deviate from HTTP spec enougth that Node.js can't
    > communicate with them, but "work" when `--insecure-http-parser`
    > is enabled globally. It would be useful to be able to use this
    > mode, as a client, only when connecting to known bad servers.

    This is largely equivalent to
    nodejs/node#31446 in terms of code changes.

    Fixes: nodejs/node#31440
    Refs: nodejs/node#31446

    Backport-PR-URL: nodejs/node#31500
    PR-URL: nodejs/node#31448
    Reviewed-By: Sam Roberts <[email protected]>
    Reviewed-By: Colin Ihrig <[email protected]>
    Reviewed-By: James M Snell <[email protected]>
    Reviewed-By: Rich Trott <[email protected]>
zsw007 added a commit to ibmruntimes/node that referenced this issue Feb 12, 2020
Backport 7fc5656

Original commit message:

    From the issue:

    > Some servers deviate from HTTP spec enougth that Node.js can't
    > communicate with them, but "work" when `--insecure-http-parser`
    > is enabled globally. It would be useful to be able to use this
    > mode, as a client, only when connecting to known bad servers.

    This is largely equivalent to
    nodejs/node#31446 in terms of code changes.

    Fixes: nodejs/node#31440
    Refs: nodejs/node#31446

    Backport-PR-URL: nodejs/node#31500
    PR-URL: nodejs/node#31448
    Reviewed-By: Sam Roberts <[email protected]>
    Reviewed-By: Colin Ihrig <[email protected]>
    Reviewed-By: James M Snell <[email protected]>
    Reviewed-By: Rich Trott <[email protected]>
zsw007 added a commit to ibmruntimes/node that referenced this issue Feb 12, 2020
Backport 7fc5656

Original commit message:

    From the issue:

    > Some servers deviate from HTTP spec enougth that Node.js can't
    > communicate with them, but "work" when `--insecure-http-parser`
    > is enabled globally. It would be useful to be able to use this
    > mode, as a client, only when connecting to known bad servers.

    This is largely equivalent to
    nodejs/node#31446 in terms of code changes.

    Fixes: nodejs/node#31440
    Refs: nodejs/node#31446

    Backport-PR-URL: nodejs/node#31500
    PR-URL: nodejs/node#31448
    Reviewed-By: Sam Roberts <[email protected]>
    Reviewed-By: Colin Ihrig <[email protected]>
    Reviewed-By: James M Snell <[email protected]>
    Reviewed-By: Rich Trott <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
http Issues or PRs related to the http subsystem.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants