mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2026-05-09 06:56:09 +02:00
72fd357814
If h1 to h2 upgrades are not allowed, a 405-method-not-allowed error is now returned from the H1 multiplexer itself instead of dealing with "PRI * HTTP/2.0\r\n\r\n" request as a normal request. Before this kind of request was caught by the HTTP analyzers and a 400-bad-request was returned. This was added before the multiplexers era to protect backend apps against unexpected H1 to H2 uprade on server side. Now, it is possible to handle the error in the H1 multiplexer. One benefit is to be able to increment the glichtes counters. However, the error is still handled in HTTP analyzers to be sure to detect unwanted upgrades that can be hidden in H2 or H3 requests. There is a special case. TCP > H1 > H2 upgrades. In that case, a H1 stream exist. So we must report an error to the upper layer too. A reg-test script was added to validate the feature. In addition, tcp_to_http_upgrade.vtc was updated accordingly.