aboutsummaryrefslogtreecommitdiff
path: root/src/tool_getparam.c
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2019-02-18 09:10:01 +0100
committerDaniel Stenberg <daniel@haxx.se>2019-02-20 08:18:02 +0100
commitaa5a28bd697d652f78ba471022092e148d0b6e4f (patch)
treeca8573ac9127aa9e193777cd6bb89bf34bd92e4c /src/tool_getparam.c
parentafc00e047c773faeaa60a5f86a246cbbeeba5819 (diff)
http2: verify :athority in push promise requests
RFC 7540 says we should verify that the push is for an "authoritative" server. We make sure of this by only allowing push with an :athority header that matches the host that was asked for in the URL. Fixes #3577 Reported-by: Nicolas Grekas Bug: https://curl.haxx.se/mail/lib-2019-02/0057.html Closes #3581
Diffstat (limited to 'src/tool_getparam.c')
0 files changed, 0 insertions, 0 deletions