From 18691642931e5c7ac8af83ac3a84fbcb36000f96 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 3 Sep 2015 22:23:50 +0200
Subject: http2: don't pass on Connection: headers

RFC 7540 section 8.1.2.2 states: "An endpoint MUST NOT generate an
HTTP/2 message containing connection-specific header fields; any message
containing connection-specific header fields MUST be treated as
malformed"

Closes #401
---
 lib/http2.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/http2.c b/lib/http2.c
index 6228c1127..588780bab 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1290,10 +1290,14 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
   authority_idx = 0;
 
   for(i = 3; i < nheader; ++i) {
+    size_t hlen;
     end = strchr(hdbuf, ':');
     if(!end)
       goto fail;
-    if(end - hdbuf == 4 && Curl_raw_nequal("host", hdbuf, 4)) {
+    hlen = end - hdbuf;
+    if(hlen == 10 && Curl_raw_nequal("connection", hdbuf, 10))
+      ; /* skip Connection: headers! */
+    else if(hlen == 4 && Curl_raw_nequal("host", hdbuf, 4)) {
       authority_idx = i;
       nva[i].name = (unsigned char *)":authority";
       nva[i].namelen = (uint16_t)strlen((char *)nva[i].name);
-- 
cgit v1.2.3