fix: filter Host header for HTTP/2 requests (Google compatibility) #811
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HTTP/2 uses the :authority pseudo-header instead of the Host header. Having both Host and :authority headers causes protocol_error on strict HTTP/2 implementations like Google's servers. This change filters out the Host header in normalize_headers() when preparing HTTP/2 requests, since the :authority pseudo-header already contains the same information. Fixes HTTP/2 compatibility with: - www.google.com - *.googleapis.com (oauth2, storage, aiplatform, etc.) - Other strict HTTP/2 server implementations References: - RFC 7540 Section 8.1.2.3: "The :authority pseudo-header field includes the authority portion of the target URI"
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Filter out the
Hostheader when preparing HTTP/2 requests. HTTP/2 uses the:authoritypseudo-header instead, and having both causes{stream_error, protocol_error}on strict HTTP/2 implementations.Problem
hackney 2.0.0-beta.1 HTTP/2 requests were failing on Google servers with:
{error, {stream_error, protocol_error}}Root cause: hackney was sending both
Hostheader AND:authoritypseudo-header in HTTP/2 HEADERS frames. While RFC 7540 allowsHostfor compatibility, Google's strict implementation rejects requests with both.Solution
Filter out
Hostheader innormalize_headers/1when preparing HTTP/2 headers. The:authoritypseudo-header already contains the same host information.Testing
Verified working with:
All 848 existing tests pass.