mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-12-27 04:21:00 +01:00
d048d8b891
The binary samples are sometimes copied as is into http headers. A sample can contain bytes unallowed by the http rfc concerning header content, for example if it was extracted from binary data. The resulting http request can thus be invalid. This issue does not yet happen because haproxy currently (mistakenly) hex-encodes binary data, so it is not really possible to retrieve invalid HTTP chars. The solution consists in hex-encoding all non-printable chars prefixed by a '%' sign. No backport is needed since existing code is not affected yet.