The gateway example forwards requests with multiple Content-Length headers. The HTTP RFCs say not to forward such messages.
From RFC 7230:
If a message is received without Transfer-Encoding and with
either multiple Content-Length header fields having differing
field-values or a single Content-Length header field having an
invalid value, then the message framing is invalid and the
recipient MUST treat it as an unrecoverable error. If this is a
request message, the server MUST respond with a 400 (Bad Request)
status code and then close the connection.
Thus, upon receipt of a request with multiple Content-Length headers, the gateway example should reject the request with a 400.
Pingora info
Please include the following information about your environment:
Pingora forwarded the request to one.one.one.one, which responds 400. This is clear because the response has a CF-RAY header, which Pingora wouldn't insert on its own.
Describe the bug
The gateway example forwards requests with multiple
Content-Length
headers. The HTTP RFCs say not to forward such messages.From RFC 7230:
Thus, upon receipt of a request with multiple
Content-Length
headers, the gateway example should reject the request with a 400.Pingora info
Please include the following information about your environment:
Pingora version: 648a6ad0554442be5f9c8d396a66843552156d1f Rust version: cargo 1.79.0 (ffa9cf99a 2024-06-03) Operating system version: Debian 13
Steps to reproduce
Content-Length
header, and send it again:Expected results
Pingora should respond 400.
Observed results
Pingora forwarded the request to
one.one.one.one
, which responds 400. This is clear because the response has aCF-RAY
header, which Pingora wouldn't insert on its own.