From 454ecb56e3ac4246f6706522e781d68c128d691c Mon Sep 17 00:00:00 2001 From: epriestley Date: Sat, 25 Apr 2020 07:30:25 -0700 Subject: [PATCH] When proxying HTTP repository responses from repository nodes, discard content description headers Summary: Ref T13517. See that task for details about the underlying issue here. Currently, we may decode a compressed response, then retransmit it with leftover "Content-Encoding" and "Content-Length" headers. Instead, strip these headers. Test Plan: - In a clustered repository setup, cloned a Git repository over HTTP. - Before: Error while processing content unencoding: invalid stored block lengths - After: Clean clone. Maniphest Tasks: T13517 Differential Revision: https://secure.phabricator.com/D21167 --- src/aphront/response/AphrontHTTPProxyResponse.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/aphront/response/AphrontHTTPProxyResponse.php b/src/aphront/response/AphrontHTTPProxyResponse.php index fa629181ef..0cc482a8d5 100644 --- a/src/aphront/response/AphrontHTTPProxyResponse.php +++ b/src/aphront/response/AphrontHTTPProxyResponse.php @@ -61,11 +61,17 @@ final class AphrontHTTPProxyResponse extends AphrontResponse { // Strip "Transfer-Encoding" headers. Particularly, the server we proxied // may have chunked the response, but cURL will already have un-chunked it. // If we emit the header and unchunked data, the response becomes invalid. + + // See T13517. Strip "Content-Encoding" and "Content-Length" headers, since + // they may reflect compressed content. + foreach ($headers as $key => $header) { list($header_head, $header_body) = $header; $header_head = phutil_utf8_strtolower($header_head); switch ($header_head) { case 'transfer-encoding': + case 'content-encoding': + case 'content-length': unset($headers[$key]); break; }