Skip to content

Commit

Permalink
validate_client_resp: Limit this to esi_level == 0
Browse files Browse the repository at this point in the history 
There is no need to validate client response headers that we do not
intend to transmit.
  • Loading branch information
@daghf @walid-git
daghf authored and walid-git committed Sep 1, 2023
1 parent bf24404 commit 197e134
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions bin/varnishd/cache/cache_req_fsm.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,8 @@ cnt_deliver(struct worker *wrk, struct req *req)
VCL_deliver_method(req->vcl, wrk, req, NULL, NULL);

if (FEATURE(FEATURE_VALIDATE_CLIENT_RESPONSES) &&
wrk->vpi->handling == VCL_RET_DELIVER && HTTP_ValidateResp(req->resp)) {
req->esi_level == 0 && wrk->vpi->handling == VCL_RET_DELIVER &&
HTTP_ValidateResp(req->resp)) {
VSLb(req->vsl, SLT_VCL_Error,
"Response failed HTTP validation");
wrk->vpi->handling = VCL_RET_FAIL;
Expand Down Expand Up @@ -338,7 +339,8 @@ cnt_synth(struct worker *wrk, struct req *req)
AZ(VSB_finish(synth_body));

if (FEATURE(FEATURE_VALIDATE_CLIENT_RESPONSES) &&
wrk->vpi->handling == VCL_RET_DELIVER && HTTP_ValidateResp(req->resp)) {
req->esi_level == 0 && wrk->vpi->handling == VCL_RET_DELIVER &&
HTTP_ValidateResp(req->resp)) {
VSLb(req->vsl, SLT_VCL_Error,
"Synthetic response failed HTTP validation");
wrk->vpi->handling = VCL_RET_FAIL;
Expand Down

0 comments on commit 197e134

Please sign in to comment.