mirror of
				https://github.com/caddyserver/caddy.git
				synced 2025-10-25 15:52:45 -04:00 
			
		
		
		
	reverseproxy: validate versions in http transport (#7112)
This commit is contained in:
		
							parent
							
								
									a067fb1760
								
							
						
					
					
						commit
						1209b5c566
					
				| @ -171,12 +171,25 @@ func (HTTPTransport) CaddyModule() caddy.ModuleInfo { | |||||||
| 	} | 	} | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | var ( | ||||||
|  | 	allowedVersions       = []string{"1.1", "2", "h2c", "3"} | ||||||
|  | 	allowedVersionsString = strings.Join(allowedVersions, ", ") | ||||||
|  | ) | ||||||
|  | 
 | ||||||
| // Provision sets up h.Transport with a *http.Transport | // Provision sets up h.Transport with a *http.Transport | ||||||
| // that is ready to use. | // that is ready to use. | ||||||
| func (h *HTTPTransport) Provision(ctx caddy.Context) error { | func (h *HTTPTransport) Provision(ctx caddy.Context) error { | ||||||
| 	if len(h.Versions) == 0 { | 	if len(h.Versions) == 0 { | ||||||
| 		h.Versions = []string{"1.1", "2"} | 		h.Versions = []string{"1.1", "2"} | ||||||
| 	} | 	} | ||||||
|  | 	// some users may provide http versions not recognized by caddy, instead of trying to | ||||||
|  | 	// guess the version, we just error out and let the user fix their config | ||||||
|  | 	// see: https://github.com/caddyserver/caddy/issues/7111 | ||||||
|  | 	for _, v := range h.Versions { | ||||||
|  | 		if !slices.Contains(allowedVersions, v) { | ||||||
|  | 			return fmt.Errorf("unsupported HTTP version: %s, supported version: %s", v, allowedVersionsString) | ||||||
|  | 		} | ||||||
|  | 	} | ||||||
| 
 | 
 | ||||||
| 	rt, err := h.NewTransport(ctx) | 	rt, err := h.NewTransport(ctx) | ||||||
| 	if err != nil { | 	if err != nil { | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user