Project

General

Profile

Actions

Feature #6426

closed

HTTP/2 - app-layer-event and normalization when userinfo is in the :authority pseudo header for the http.host header

Added by Brandon Murphy about 1 year ago. Updated 11 months ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

as per RFC 9113

":authority" MUST NOT include the deprecated userinfo subcomponent for "http" or "https" schemed URIs.

I'm wondering if we can get an app-layer-event for when this occurs and for the information to be normalized out when populating the http.host buffer but leaving it in the http.host.raw buffer.

Attached is a pcap of this occurring.


Files

http2_userinfo_in_authority_1.pcap (1.05 KB) http2_userinfo_in_authority_1.pcap Brandon Murphy, 10/27/2023 08:58 PM

Subtasks 2 (0 open2 closed)

Feature #6430: HTTP/2 - app-layer-event and normalization when userinfo is in the :authority pseudo header for the http.host header (6.0.x backport)ClosedPhilippe AntoineActions
Feature #6507: HTTP/2 - app-layer-event and normalization when userinfo is in the :authority pseudo header for the http.host header (7.0.x backport)ClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF