BUG/MEDIUM: http-htx: Don't use data from HTX message to update authority

When a host header value is updated, the authority can also be updated accordingly. When it is performed, we must not use the new host header value from the HTX message. Instead we must use the data passed as argument. It is unexpected but the host header can have several comma-separated values. Using the full header value can lead to unexpected result. Note: having multiple comma-separated values for the host header should not be supported. The comma should be part of the host value. But it is quite ambiguous. This will be fixed in another commit. This patch must be backported to all stable versions.
2026-05-01 11:10:59 +02:00 · 2026-04-24 11:06:16 +02:00 · 2026-04-24 11:06:16 +02:00 · 632b54ebfc
commit 632b54ebfc
parent 48afa73af8
1 changed files with 1 additions and 2 deletions
--- a/src/http_htx.c
+++ b/src/http_htx.c
@ -669,7 +669,6 @@ int http_replace_header_value(struct htx *htx, struct http_hdr_ctx *ctx, const s
 	blk = htx_replace_blk_value(htx, blk, ist2(start, len), data);
 	if (!blk)
 		goto fail;
-
 	v = htx_get_blk_value(htx, blk);

 	sl = http_get_stline(htx);
@ -677,7 +676,7 @@ int http_replace_header_value(struct htx *htx, struct http_hdr_ctx *ctx, const s
 		struct ist n = htx_get_blk_name(htx, blk);

 		if (isteq(n, ist("host"))) {
-			if (!http_update_authority(htx, sl, v))
+			if (!http_update_authority(htx, sl, data))
 				goto fail;
 			ctx->blk = NULL;
 			http_find_header(htx, ist("host"), ctx, 1);