diff --git a/doc/configuration.txt b/doc/configuration.txt index 99972f747..de3da7a2b 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -8366,14 +8366,8 @@ http-send-name-header [
] very late in the connection setup, it may have unexpected effects on already modified headers. For example using it with transport-level header such as connection, content-length, transfer-encoding and so on will likely result in - invalid requests being sent to the server. Additionally it has been reported - that this directive is currently being used as a way to overwrite the Host - header field in outgoing requests; while this trick has been known to work - as a side effect of the feature for some time, it is not officially supported - and might possibly not work anymore in a future version depending on the - technical difficulties this feature induces. A long-term solution instead - consists in fixing the application which required this trick so that it binds - to the correct host name. + invalid requests being sent to the server. This is why following header names + are forbidden: host, content-length, transfer-encoding and connection. See also : "server" diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c index 07bb05012..b0d24be3a 100644 --- a/src/cfgparse-listen.c +++ b/src/cfgparse-listen.c @@ -1476,6 +1476,15 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) err_code |= ERR_ALERT | ERR_FATAL; goto out; } + if (strcasecmp(args[1], "host") == 0 || + strcasecmp(args[1], "content-length") == 0 || + strcasecmp(args[1], "transfer-encoding") == 0 || + strcasecmp(args[1], "connection") == 0) { + ha_alert("parsing [%s:%d] : '%s' cannot be used as header name for '%s' directive.\n", + file, linenum, args[1], args[0]); + err_code |= ERR_ALERT | ERR_FATAL; + goto out; + } /* set the desired header name, in lower case */ istfree(&curproxy->server_id_hdr_name);