diff --git a/src/http/fields.rs b/src/http/fields.rs index de6df16..d5a07ec 100644 --- a/src/http/fields.rs +++ b/src/http/fields.rs @@ -18,10 +18,25 @@ pub(crate) fn header_map_from_wasi(wasi_fields: Fields) -> Result Result { let wasi_fields = Fields::new(); for (key, value) in header_map { - // Unwrap because `HeaderMap` has already validated the headers. - wasi_fields - .append(key.as_str(), value.as_bytes()) - .with_context(|| format!("wasi rejected header `{key}: {value:?}`"))? + if !FORBIDDEN_HEADERS.contains(key) { + wasi_fields + .append(key.as_str(), value.as_bytes()) + .with_context(|| format!("wasi rejected header `{key}: {value:?}`"))? + } } Ok(wasi_fields) } + +const FORBIDDEN_HEADERS: [HeaderName; 11] = [ + http::header::CONNECTION, + HeaderName::from_static("keep-alive"), + http::header::PROXY_AUTHENTICATE, + http::header::PROXY_AUTHORIZATION, + HeaderName::from_static("proxy-connection"), + http::header::TRANSFER_ENCODING, + http::header::UPGRADE, + http::header::HOST, + HeaderName::from_static("http2-settings"), + http::header::EXPECT, + http::header::CONTENT_LENGTH, +]; diff --git a/src/http/server.rs b/src/http/server.rs index 9fb6ff4..c9a396c 100644 --- a/src/http/server.rs +++ b/src/http/server.rs @@ -19,7 +19,6 @@ //! [`http_server`]: crate::http_server use super::{Body, Error, Response, error::ErrorCode, fields::header_map_to_wasi}; -use http::header::CONTENT_LENGTH; use wasip2::exports::http::incoming_handler::ResponseOutparam; use wasip2::http::types::OutgoingResponse; @@ -44,14 +43,6 @@ impl Responder { // Consume the `response` and prepare to write the body. let body = response.into_body().into(); - // Automatically add a Content-Length header. - if let Some(len) = body.content_length() { - let mut buffer = itoa::Buffer::new(); - wasi_headers - .append(CONTENT_LENGTH.as_str(), buffer.format(len).as_bytes()) - .unwrap(); - } - let wasi_response = OutgoingResponse::new(wasi_headers); // Unwrap because `StatusCode` has already validated the status.