Removed "Transfer-Encoding: identity" support. The "identity" transfer coding has been removed in RFC 7230. It is believed that it is not used in real life, and at the same time it provides a potential attack vector.

commit: a70fe807201c27397ee981a36feab9f6575cbb0e [log] [tgz]
author: Maxim Dounin <mdounin@mdounin.ru> Thu Feb 20 16:19:34 2020 +0300
committer: Maxim Dounin <mdounin@mdounin.ru> Thu Feb 20 16:19:34 2020 +0300
tree: 552fe50584226dfd77e8064d60b138bd1c40ec04
parent: 1766c1ddcd414c58b9ead03674bccdd2b02dbb30 [diff]
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 85c9803..9e64fd2 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c

@@ -1952,10 +1952,7 @@
             r->headers_in.content_length_n = -1;
             r->headers_in.chunked = 1;
 
-        } else if (r->headers_in.transfer_encoding->value.len != 8
-            || ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
-                               (u_char *) "identity", 8) != 0)
-        {
+        } else {
             ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
                           "client sent unknown \"Transfer-Encoding\": \"%V\"",
                           &r->headers_in.transfer_encoding->value);
commit	a70fe807201c27397ee981a36feab9f6575cbb0e	[log] [tgz]
author	Maxim Dounin <mdounin@mdounin.ru>	Thu Feb 20 16:19:34 2020 +0300
committer	Maxim Dounin <mdounin@mdounin.ru>	Thu Feb 20 16:19:34 2020 +0300
tree	552fe50584226dfd77e8064d60b138bd1c40ec04
parent	1766c1ddcd414c58b9ead03674bccdd2b02dbb30 [diff]