[go1.15] apimachinery/pkg/util/proxy: Drop identity transfer-encoding

ref: https://tip.golang.org/doc/go1.15#net/http Parsing is now stricter as a hardening measure against request smuggling attacks: non-ASCII white space is no longer trimmed like SP and HTAB, and support for the "identity" Transfer-Encoding was dropped. Signed-off-by: Stephen Augustus <saugustus@vmware.com>
2025-07-22 03:11:40 +00:00 · 2020-07-23 14:32:26 -04:00 · 2020-07-23 14:32:26 -04:00 · 1171ae7153
commit 1171ae7153
parent 05ffc95347
1 changed files with 0 additions and 15 deletions
--- a/staging/src/k8s.io/apimachinery/pkg/util/proxy/upgradeaware_test.go
+++ b/staging/src/k8s.io/apimachinery/pkg/util/proxy/upgradeaware_test.go
@ -763,21 +763,6 @@ func TestProxyRequestContentLengthAndTransferEncoding(t *testing.T) {
 			expectedBody: sampleData,
 		},

-		"content-length + identity transfer-encoding": {
-			reqHeaders: http.Header{
-				"Content-Length":    []string{"5"},
-				"Transfer-Encoding": []string{"identity"},
-			},
-			reqBody: sampleData,
-
-			expectedHeaders: http.Header{
-				"Content-Length":    []string{"5"},
-				"Content-Encoding":  nil, // none set
-				"Transfer-Encoding": nil, // gets removed
-			},
-			expectedBody: sampleData,
-		},
-
 		"content-length + gzip content-encoding": {
 			reqHeaders: http.Header{
 				"Content-Length":   []string{strconv.Itoa(len(zip(sampleData)))},