Merged
Conversation
RFC9112 is now extra explicit about the close delimiting applying exclusively to response messages for HTTP/1.0. Also disables reuse explicitly when close delimiting on the response side as defense-in-depth that shouldn't have behavioral diff.
The upgrade body mode changes also should be applied to subrequests though upgrade and websockets are still highly experimental for them.
If a content-length is present RFC9112 indicates we must reject invalid forms of that content-length header. This eliminates situations where we might be dealing with ambiguous request framing.
Custom sessions need to report their upgrade state to the proxy framework. Previously, Session::is_upgrade_req() and Session::was_upgraded() always returned false for Custom sessions, which broke WebSocket upgrade handling when using custom protocols. This change: - Adds is_upgrade_req() and was_upgraded() methods to the custom Session trait with default implementations returning false - Updates the main Session enum to delegate to the custom session's implementation instead of returning false
This can be enabled via server options. Since CONNECT changes the request-response flow separate from HTTP much like upgrade requests but is currently unsupported, these requests will be automatically rejected by default.
When a custom protocol is shutdown, it is passed a numeric code. This should be 0 to indicate an explicit shutdown rather than any other transport error.
Anyone using caching must must now implement cache_key_callback themselves. This forces an explicit decision about what belongs in the cache key for anyone using thet trait for caching rather than providing an unsafe default that does not support web standards.
If the body is not init when upgraded, there was an issue where the body might be improperly ended early and the conn simply closed.
Rejecting bad upstream content-length by default to avoid forwarding ambiguously framed messages. An option still exists to allow this in the peer options, if needed, and treat these responses as close-delimited though this is non-RFC-compliant. The content-length is now also removed on the response if transfer-encoding is present, per RFC.
…ket` impl The `#[cfg(windows)] impl AsRawSocket for RawStream` was missing a match arm for the `RawStream::Virtual(_)` variant, causing a compilation error (E0004: non-exhaustive patterns) on Windows targets. The `Virtual` variant is not gated by any `#[cfg]` attribute and exists on all platforms, but the Windows `AsRawSocket` implementation only matched `RawStream::Tcp(s)`. This fix adds the missing arm, returning `!0` (INVALID_SOCKET) for virtual streams, consistent with the Unix `AsRawFd` implementation which returns `-1` for the same variant. Co-authored-by: Cursor <cursoragent@cursor.com> Includes-commit: 6da94f9 Replicated-from: #809
The peer option wasn't always being applied when used with other connectors like v2. Also clarify this is to support legacy behavior and may be removed in the future.
`parse_range_header` was returning `RangeType::None` for the input `"bytes="` (the bytes= prefix with no range-specs after it). Per RFC 9110 14.1.2, `"bytes="` is syntactically a range request with zero satisfiable range-specs, so the correct response is 416 Range Not Satisfiable. Added an early check for an empty/whitespace-only range-set after the `bytes=` prefix, returning `RangeType::Invalid` instead of falling through to the regex loop.
This removes {transfer,content}-encoding headers from 416 resonses. This
mirrors what to_304() in conditional_filter.rs already does for 304 Not
Modified responses.
…ith dependents and dependencies
drcaramelsyrup
approved these changes
Mar 2, 2026
gumpt
approved these changes
Mar 2, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.