From 03dc30e76e2a241e921df429b5b4e078bb295067 Mon Sep 17 00:00:00 2001
From: ctiller <ctiller@google.com>
Date: Mon, 1 Dec 2014 17:13:04 -0800
Subject: Validate TE header is legal for HTTP2.

As per draft-16 section 8.1.2.2:
The only exception to this is the TE header field, which MAY be
present in an HTTP/2 request; when it is, it MUST NOT contain any
value other than "trailers".

https://tools.ietf.org/html/draft-ietf-httpbis-http2-16
	Change on 2014/12/01 by ctiller <ctiller@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=81111980
---
 src/core/channel/http_server_filter.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/core')

diff --git a/src/core/channel/http_server_filter.c b/src/core/channel/http_server_filter.c
index b176064813..7322ff5b46 100644
--- a/src/core/channel/http_server_filter.c
+++ b/src/core/channel/http_server_filter.c
@@ -64,6 +64,13 @@ static void call_op(grpc_call_element *elem, grpc_call_op *op) {
         /* swallow it */
         grpc_mdelem_unref(op->data.metadata);
         op->done_cb(op->user_data, GRPC_OP_OK);
+      } else if (op->data.metadata->key == channeld->te_trailers->key) {
+        gpr_log(GPR_ERROR, "Invalid te: header: '%s'",
+                grpc_mdstr_as_c_string(op->data.metadata->value));
+        /* swallow it */
+        grpc_mdelem_unref(op->data.metadata);
+        op->done_cb(op->user_data, GRPC_OP_OK);
+        grpc_call_element_send_cancel(elem);
       } else {
         /* pass the event up */
         grpc_call_next_op(elem, op);
-- 
cgit v1.2.3