Cypherpunks repositories - gostls13.git/commit

author	Emmanuel T Odeke <emmanuel@orijtech.com>
	Tue, 19 Mar 2024 06:05:12 +0000 (23:05 -0700)
committer	Gopher Robot <gobot@golang.org>
	Wed, 20 Mar 2024 11:31:46 +0000 (11:31 +0000)
commit	81a32eff7161ad6c15ace141b8e9dba8f81feac2
tree	0a0cd290442f9288a6ec79905039d764c0783e6e	tree
parent	fba54f6345449586518039043ab38df337c25146	commit \| diff

net/http: validate outgoing/client request trailers

This change validates outbound client request trailers
just like we do for headers. This helps prevent header
injection or other sorts of smuggling from easily being
performed using the standard HTTP client.

Fixes #64766

Change-Id: Idb34df876a0c308b1f57e9ae2695b118ac6bcc2d
Reviewed-on: https://go-review.googlesource.com/c/go/+/572615
Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com>
Auto-Submit: Emmanuel Odeke <emmanuel@orijtech.com>

src/net/http/transport.go		diff \| blob \| history
src/net/http/transport_test.go		diff \| blob \| history