Skip to content

test: add semicolon after chunk size#40487

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
lpinca wants to merge 1 commit into from
Closed

test: add semicolon after chunk size #40487

lpinca wants to merge 1 commit into from

Conversation

@lpinca
Copy link
Member

@lpincalpinca commented Oct 17, 2021
edited
Loading

The ABNF for chunk extensions as per RFC 7230 is

chunk-ext = *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) chunk-ext-name = token chunk-ext-val = token / quoted-string

Add a semicolon after the chunk size for clarity.

This does not invalidate the test as it verifies that the HTTP parser
does not ignore chunk extensions.

Refs: https://grenfeldt.dev/2021/10/08/gunicorn-20.1.0-public-disclosure-of-request-smuggling

@nodejs-github-botnodejs-github-bot added needs-ci PRs that need a full CI run. test Issues and PRs related to the tests. labels Oct 17, 2021
@lpinca
Copy link
MemberAuthor

lpinca commented Oct 17, 2021
edited
Loading

The first commit is from #40486.

@lpincalpincaforce-pushed the add/semicolon-after-chunk-size branch 2 times, most recently from dbaa93b to 5b3a3acCompareOctober 17, 2021 11:36
@lpinca
test: add semicolon after chunk size
c7ee409
The ABNF for chunk extensions as per RFC 7230 is chunk-ext = *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) chunk-ext-name = token chunk-ext-val = token / quoted-string Add a semicolon after the chunk size for clarity. This does not invalidate the test as it verifies that the HTTP parser does not ignore chunk extensions. Refs: https://grenfeldt.dev/2021/10/08/gunicorn-20.1.0-public-disclosure-of-request-smuggling
@lpincalpincaforce-pushed the add/semicolon-after-chunk-size branch from 5b3a3ac to c7ee409CompareOctober 19, 2021 18:23
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Oct 19, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/40371/

@github-actionsgithub-actionsbot mentioned this pull request Oct 20, 2021
Open
27 tasks
This was referenced Oct 21, 2021
Open
Open
Open
Open
Open
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 3, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/40687/

@github-actionsgithub-actionsbot mentioned this pull request Nov 4, 2021
Open
44 tasks
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 4, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/40710/

This was referenced Nov 5, 2021
Open
Open
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 6, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/40733/

lpinca added a commit that referenced this pull request Nov 6, 2021
@lpinca
test: add semicolon after chunk size
19839f8
The ABNF for chunk extensions as per RFC 7230 is chunk-ext = *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) chunk-ext-name = token chunk-ext-val = token / quoted-string Add a semicolon after the chunk size for clarity. This does not invalidate the test as it verifies that the HTTP parser does not ignore chunk extensions. PR-URL: #40487 Refs: https://grenfeldt.dev/2021/10/08/gunicorn-20.1.0-public-disclosure-of-request-smuggling Reviewed-By: James M Snell <[email protected]>
@lpinca
Copy link
MemberAuthor

lpinca commented Nov 6, 2021

Landed in 19839f8.

@lpincalpinca closed this Nov 6, 2021
@lpincalpinca deleted the add/semicolon-after-chunk-size branch November 6, 2021 06:37
targos pushed a commit that referenced this pull request Nov 6, 2021
@lpinca@targos
test: add semicolon after chunk size
ac3bc6e
The ABNF for chunk extensions as per RFC 7230 is chunk-ext = *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) chunk-ext-name = token chunk-ext-val = token / quoted-string Add a semicolon after the chunk size for clarity. This does not invalidate the test as it verifies that the HTTP parser does not ignore chunk extensions. PR-URL: #40487 Refs: https://grenfeldt.dev/2021/10/08/gunicorn-20.1.0-public-disclosure-of-request-smuggling Reviewed-By: James M Snell <[email protected]>
This was referenced Nov 7, 2021
Open
Open
@targostargos mentioned this pull request Nov 8, 2021
Merged
@github-actionsgithub-actionsbot mentioned this pull request Nov 9, 2021
Open
23 tasks
@github-actionsgithub-actionsbot mentioned this pull request Nov 10, 2021
Open
26 tasks
BethGriggs pushed a commit that referenced this pull request Nov 25, 2021
@lpinca@BethGriggs
test: add semicolon after chunk size
3d50997
The ABNF for chunk extensions as per RFC 7230 is chunk-ext = *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) chunk-ext-name = token chunk-ext-val = token / quoted-string Add a semicolon after the chunk size for clarity. This does not invalidate the test as it verifies that the HTTP parser does not ignore chunk extensions. PR-URL: #40487 Refs: https://grenfeldt.dev/2021/10/08/gunicorn-20.1.0-public-disclosure-of-request-smuggling Reviewed-By: James M Snell <[email protected]>
@BethGriggsBethGriggs mentioned this pull request Nov 26, 2021
Merged
1 task
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasnelljasnelljasnell approved these changes

Assignees

No one assigned

Labels

needs-ciPRs that need a full CI run.testIssues and PRs related to the tests.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lpinca@nodejs-github-bot@jasnell