https://bz.apache.org/bugzilla/show_bug.cgi?id=69614
Bug ID: 69614
Summary: Ill formatted priority header results in frozen HTTP/2 connection
Product: Tomcat 10
Version: 10.1.31
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P2
Component: Servlet
Assignee: dev@tomcat.apache.org
Reporter: cedric.ni...@malt.com
Target Milestone: ------

Created attachment 40007
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=40007&action=edit
Simple java reproducer

We recently began to receive ill-formatted priority HTTP headers with a colon instead of an equal and it broke our production environment.

The bug can be reproduced systematically following these steps:
- start any Tomcat configured with TLS (required for HTTP/2) and HTTP/2
- open an HTTP/2 connection using a valid request
- send a second request (on the same HTTP/2 connection) with an ill-formatted `priority` header set to "u=1:i" (note the `:` instead of the `,`)

From that point, all requests using the same HTTP/2 connection will time out, whether they are valid or not.

Note that sending directly an invalid request will NOT end in the same behaviour, an exception will be thrown and the HTTP/2 connection will be discarded.

Our workaround was to filter those ill-formatted requests before they hit Tomcat.

The expected behaviour would be to receive a 400 HTTP status code without affecting the other streams of the HTTP/2 connection.

You will find attached a simple java reproducer.
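
Added example, not part of the original report and not Tomcat's code: a syntax check of the kind the workaround above describes, placed in front of Tomcat. It assumes the filter treats `priority` as an RFC 9218 Structured Fields dictionary (an RFC 8941 subset, without inner lists or byte sequences) and answers 400 on a syntax error; all function names and sample values are constructed for illustration.

```python
import re

# Added illustration (hypothetical names): strict syntax check for the HTTP
# "priority" header, an RFC 8941 dictionary as used by RFC 9218.
# Subset only: inner lists and byte sequences are rejected.
_KEY = r"[a-z*][a-z0-9_\-.*]*"
_BARE = (r"(?:-?\d{1,12}\.\d{1,3}"                       # decimal
         r"|-?\d{1,15}"                                  # integer
         r"|\?[01]"                                      # boolean
         r"|[A-Za-z*][A-Za-z0-9!#$%&'*+\-.^_`|~:/]*"     # token
         r'|"(?:[\x20-\x21\x23-\x5b\x5d-\x7e]|\\["\\])*")')  # string
_PARAMS = rf"(?:;[ ]*{_KEY}(?:={_BARE})?)*"
_MEMBER = re.compile(rf"({_KEY})(?:=({_BARE}))?{_PARAMS}")
_SEP = re.compile(r"[ \t]*,[ \t]*")

def parse_priority(value):
    """Return {key: raw bare item}; raise ValueError on malformed syntax."""
    s, out, pos = value.strip(" \t"), {}, 0   # lenient on outer whitespace
    while pos < len(s):
        m = _MEMBER.match(s, pos)
        if not m:
            raise ValueError(f"invalid dictionary member at offset {pos}")
        out[m.group(1)] = m.group(2) or "?1"  # a bare key means boolean true
        pos = m.end()
        if pos == len(s):
            break
        sep = _SEP.match(s, pos)              # members are comma-separated
        if not sep or sep.end() == len(s):
            raise ValueError(f"expected ',' and a member at offset {pos}")
        pos = sep.end()
    return out

def status_for(value):
    """400 if the header should be rejected before reaching Tomcat, else None."""
    try:
        parse_priority(value)
    except ValueError:
        return 400
    return None

def urgency_and_incremental(value):
    """RFC 9218 semantics: defaults u=3, i=false; out-of-range values ignored."""
    d = parse_priority(value)
    u = int(d["u"]) if re.fullmatch(r"[0-7]", d.get("u", "")) else 3
    return u, d.get("i") == "?1"

if __name__ == "__main__":
    for sample in ("u=1, i", "u=1:i", "u:1"):  # constructed header values
        print(repr(sample), "->", status_for(sample) or "pass")
```

Only syntax errors are rejected here; a well-formed but out-of-range `u` falls back to the default, since RFC 9218 tells receivers to ignore such values rather than fail the request.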