Re: legality of Transfer-Encoding: chunked bodies in HTTP/2

On 8 August 2014 04:08, Amos Jeffries <> wrote:
> So the sender application just excludes Content-Length and
> chunked-encodes the representation. The framing layer DATA frames the
> chunks without inspecting to find where END_STREAM flag applies.
> * Applications (whether DoS generators or innocent bunglers) can now
> force recipients to hold onto HTTP/2 stream context indefinitely for up
> to 2^31-1 streams. Just by emitting chunked encoded byte stream for DATA
> encoding. It not being de-chunked to find the 0-chunk where END_STREAM
> applies.
> * request smugglers can now abuse h2->1.1 gateways. Just send without
> content-length and having a "0\r\n" prefix on the 1.1 message smuggled
> inside DATA.

The complete opposite in fact.  If you pack chunked encoding in, then
that is (likely) garbage.  That's all.

Received on Friday, 8 August 2014 16:13:25 UTC