From 97a40cce0dcef02eab967035365a501711c6499f Mon Sep 17 00:00:00 2001 From: MaximAL Date: Tue, 10 Dec 2024 08:32:02 +0300 Subject: [PATCH] Add `_` to host validation (#372) --- src/Driver/Http1Driver.php | 4 ++-- src/Driver/Http2Driver.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Driver/Http1Driver.php b/src/Driver/Http1Driver.php index 7388810f..b3c7ab45 100644 --- a/src/Driver/Http1Driver.php +++ b/src/Driver/Http1Driver.php @@ -250,7 +250,7 @@ public function handleClient( throw new ClientException($this->client, "Bad Request: multiple host headers", HttpStatus::BAD_REQUEST); } - if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $headers["host"][0], $matches)) { + if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $headers["host"][0], $matches)) { throw new ClientException($this->client, "Bad Request: invalid host header", HttpStatus::BAD_REQUEST); } @@ -317,7 +317,7 @@ public function handleClient( ); } - if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+]):([1-9]\d*)$#i", $target, $matches)) { + if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+]):([1-9]\d*)$#i", $target, $matches)) { throw new ClientException( $this->client, "Bad Request: invalid connect target", diff --git a/src/Driver/Http2Driver.php b/src/Driver/Http2Driver.php index 2d1eb81c..068b5546 100644 --- a/src/Driver/Http2Driver.php +++ b/src/Driver/Http2Driver.php @@ -967,7 +967,7 @@ public function handleHeaders(int $streamId, array $pseudo, array $headers, bool [':method' => $method, ':path' => $target, ':scheme' => $scheme, ':authority' => $host] = $pseudo; $query = null; - if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $host, $matches)) { + if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $host, $matches)) { throw new Http2StreamException( "Invalid authority (host) name", $streamId,