summaryrefslogtreecommitdiffstats
path: root/vendor/golang.org/x/net/http2/server.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/golang.org/x/net/http2/server.go')
-rw-r--r--vendor/golang.org/x/net/http2/server.go11
1 files changed, 2 insertions, 9 deletions
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index 22cb18e06..56859d1f8 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -663,6 +663,7 @@ func (sc *serverConn) condlogf(err error, format string, args ...interface{}) {
func (sc *serverConn) canonicalHeader(v string) string {
sc.serveG.check()
+ buildCommonHeaderMapsOnce()
cv, ok := commonCanonHeader[v]
if ok {
return cv
@@ -2346,15 +2347,7 @@ func (rws *responseWriterState) writeChunk(p []byte) (n int, err error) {
}
_, hasContentType := rws.snapHeader["Content-Type"]
if !hasContentType && bodyAllowedForStatus(rws.status) && len(p) > 0 {
- if cto := rws.snapHeader.Get("X-Content-Type-Options"); strings.EqualFold("nosniff", cto) {
- // nosniff is an explicit directive not to guess a content-type.
- // Content-sniffing is no less susceptible to polyglot attacks via
- // hosted content when done on the server.
- ctype = "application/octet-stream"
- rws.conn.logf("http2: WriteHeader called with X-Content-Type-Options:nosniff but no Content-Type")
- } else {
- ctype = http.DetectContentType(p)
- }
+ ctype = http.DetectContentType(p)
}
var date string
if _, ok := rws.snapHeader["Date"]; !ok {
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-20 15:39:27 +0000