Custom Query (2311 matches)

In nginx-1.23.3/src/http/ngx_http_core_module.c , "ngx_http_set_etag" function adds the "ETag" header to response but does not initialize the header lowcase_key par: "etag->lowcase_key" and not nullify it either so we can't null-check it and know if it is unset in our module code.

I suggest to initialize the lowcase_key while initializing "etag" variable in "ngx_http_set_etag" function and have two options for that

1. etag->lowcase_key= ngx_pnalloc(r->pool, strlen("etag") + 1); strcpy((char*) etag->lowcase_key, "etag");

2. etag->lowcase_key=(u_char*)"etag"; r->headers_out.etag = etag;

I think the first option is safer because we don't cast the string literal const to u_char*

If for some reason bug reviewer thinks we shouldn't init the lowcase_key just nullifying will also help.

HTTP3+QUIC

There is no $http_host value in http_v3, so there is no value when transmitting the Host Header to upstream.

` listen 443 quic reuseport; listen 443 ssl backlog=65000; http2 on; http3 on; ..... proxy_set_header Host $http_host; `

upstream $http_host Host http header nothing

nginx-1.25.3 Required rpm and spec file