diff options
| author | willchan@chromium.org <willchan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-23 18:36:00 +0000 |
|---|---|---|
| committer | willchan@chromium.org <willchan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-23 18:36:00 +0000 |
| commit | 9fe44f54a25b803b1b47ad168cf1d4cd008640d4 (patch) | |
| tree | d5a712942cc267ef87712b8db6f09d72995c7197 /net/base | |
| parent | d181ce31f11e8e7d95d956ea0f7fe241621f36a6 (diff) | |
| download | chromium_src-9fe44f54a25b803b1b47ad168cf1d4cd008640d4.zip chromium_src-9fe44f54a25b803b1b47ad168cf1d4cd008640d4.tar.gz chromium_src-9fe44f54a25b803b1b47ad168cf1d4cd008640d4.tar.bz2 | |
Support net::ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH.
If we encounter multiple Content-Length headers without a
Transfer-Encoding header, then it's a potential response smuggling
attempt. Return an error.
BUG=56344
TEST=HttpNetworkTransactionTest.MultipleContentLengthHeadersNoTransferEncoding,HttpNetworkTransactionTest.MultipleContentLengthHeadersTransferEncoding
Review URL: http://codereview.chromium.org/3394016
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60317 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base')
| -rw-r--r-- | net/base/net_error_list.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/base/net_error_list.h b/net/base/net_error_list.h index abf18d1..0370874 100644 --- a/net/base/net_error_list.h +++ b/net/base/net_error_list.h @@ -382,6 +382,9 @@ NET_ERROR(UNDOCUMENTED_SECURITY_LIBRARY_STATUS, -344) // The HTTP response was too big to drain. NET_ERROR(RESPONSE_BODY_TOO_BIG_TO_DRAIN, -345) +// The HTTP response was too big to drain. +NET_ERROR(RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH, -346) + // The cache does not have the requested entry. NET_ERROR(CACHE_MISS, -400) |