rama icon indicating copy to clipboard operation
rama copied to clipboard
verified publisher icon plabayo

auto correct illegal http configs

Open GlenDC opened this issue 1 year ago • 1 comments

E.g. strip out Connection header when a http version higher then http/1.1 is requested.

GlenDC avatar Feb 20 '24 12:02 GlenDC

First step will be to collect a list of such headers that are only valid in certain http. versions, secure mode or other contexts... The Connection is already an example given here. The #67 (CH) issue also mentions already client hints only in secure mode. There might however be more, all can be listed here.... Question is if this needs to be a middleware or if perhaps we can just fo this as part of the UA web client?

GlenDC avatar Apr 20 '24 19:04 GlenDC

Relates to sanitize_client_req_header, we can tackle this as part of a nice layer that can work with rules.

Related to https://github.com/plabayo/rama/issues/380

GlenDC avatar Jan 13 '25 16:01 GlenDC

This is already handled nicely by sanitize_client_req_header. For now keeping it there is okay, Depending if there are issues with it in future or it grows too much we can move it somewhere else, even though not sure where. For now it's ok as-is.

Client-Hints are for now out of scope, as the UA Emulation will set it already correctly based on what is desired, and any pre-defined CH's are up to the user to have done correctly.

GlenDC avatar Jan 20 '25 09:01 GlenDC