Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds a “pre-transaction” access logging path for malformed HTTP/2 request headers that are rejected before HttpSM is created, so these failures can still be recorded in squid.log (similar to HTTP/1 behavior).
Changes:
- Add
LogAccess::PreTransactionLogDataand extendLogAccessto support access log marshaling without anHttpSM. - Emit a best-effort access log entry from the HTTP/2 layer when rejecting malformed HEADERS/CONTINUATION input.
- Add gold and unit tests validating both malformed and valid HTTP/2 request logging.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/gold_tests/connect/replays/h2_malformed_request_logging.replay.yaml | Adds replay traffic for valid HTTP/2 GET and CONNECT cases used by the gold test. |
| tests/gold_tests/connect/malformed_h2_request_client.py | Adds a low-level client to send deliberately malformed HTTP/2 requests on the wire. |
| tests/gold_tests/connect/h2_malformed_request_logging.test.py | Adds an integration test that asserts malformed HTTP/2 requests are access logged and do not reach origin. |
| src/proxy/logging/unit-tests/test_LogAccess.cc | Adds Catch2 unit tests covering pre-transaction LogAccess marshaling behavior. |
| src/proxy/logging/LogAccess.cc | Implements pre-transaction initialization and adds guards/fallbacks for marshaling without HttpSM. |
| src/proxy/logging/CMakeLists.txt | Registers the new test_LogAccess executable in CMake when testing is enabled. |
| src/proxy/http2/Http2ConnectionState.cc | Logs malformed decoded request headers via Log::access() before stream reset/GOAWAY. |
| include/proxy/logging/LogAccess.h | Defines PreTransactionLogData and adds support helpers for pre-transaction logging mode. |
| include/proxy/http2/Http2Stream.h | Exposes a const accessor for the decoded receive header (get_receive_header()). |
tests/gold_tests/connect/replays/h2_malformed_request_logging.replay.yaml
Outdated
Show resolved
Hide resolved
bneradt
force-pushed
the
h2-malformed-request-txn-logging
branch
2 times, most recently
from
93a7fba to
fa9178b
Compare
maskit
previously approved these changes
Apr 6, 2026
Member
maskit
left a comment
maskit
left a comment
There was a problem hiding this comment.
It's good that this narrows the gap between H1 and H2 in terms of logging.
Suggestions for future improvement:
- I'm pretty sure H3 has the same issue. It would be nice if ProxyTransaction could take care of this pre-transaction scenario .
- A cleaner interface would be having just
LogAccess(LogData *data)for both. The subclasses ofLogDatawould beTransactionLogDatathat copies data fromHttpSM, andPreTransactionLogDatathat copies data fromProxyTransaction(orHttp2Stream). The subclasses would be defined in http or http2 module. Then we may be able to remove the the circular dependency (http <-> logging).
bneradt
force-pushed
the
h2-malformed-request-txn-logging
branch
from
fa9178b to
03e7c09
Compare
Contributor
Author
|
Converting to a draft while I work on @maskit 's comments. I'll un-draft when the patch is in better shape. |
bneradt
force-pushed
the
h2-malformed-request-txn-logging
branch
from
03e7c09 to
9ef2a82
Compare
bneradt
force-pushed
the
h2-malformed-request-txn-logging
branch
from
9ef2a82 to
45d1858
Compare
Unlike HTTP/1 transactions, malformed HTTP/2 requests are rejected before HttpSM creation, so they bypassed the normal transaction logging path. That left malformed h2 traffic out of squid.log even when similar h1 failures were visible. This adds a pre-transaction LogAccess path for malformed h2 request headers and emits a best-effort access log entry before resetting the stream.
bneradt
force-pushed
the
h2-malformed-request-txn-logging
branch
from
45d1858 to
9801fc9
Compare
maskit
reviewed
Apr 10, 2026
Member
maskit
left a comment
maskit
left a comment
There was a problem hiding this comment.
The copies are concerning. Otherwise, looks good.
| add_catch2_test(NAME test_RolledLogDeleter COMMAND test_RolledLogDeleter) | ||
|
|
||
| add_executable(test_LogAccess unit-tests/test_LogAccess.cc) | ||
| target_link_libraries(test_LogAccess ts::logging ts::http ts::inkevent records Catch2::Catch2WithMain) |
| { | ||
| ink_assert(sm != nullptr); | ||
|
|
||
| milestones = &sm->milestones; |
Member
There was a problem hiding this comment.
I think we don't do these copies now, do we? Since TransactionLogData has m_http_sm, it should be able to provide getters.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Unlike HTTP/1 transactions, malformed HTTP/2 requests are rejected before HttpSM creation, so they bypassed the normal transaction logging path. That left malformed h2 traffic out of squid.log even when similar h1 failures were visible.
This adds a pre-transaction LogAccess path for malformed h2 request headers and emits a best-effort access log entry before resetting the stream.