Removed "Transfer-Encoding: identity" support.
The "identity" transfer coding has been removed in RFC 7230. It is
believed that it is not used in real life, and at the same time it
provides a potential attack vector.
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 85c9803..9e64fd2 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -1952,10 +1952,7 @@
r->headers_in.content_length_n = -1;
r->headers_in.chunked = 1;
- } else if (r->headers_in.transfer_encoding->value.len != 8
- || ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
- (u_char *) "identity", 8) != 0)
- {
+ } else {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent unknown \"Transfer-Encoding\": \"%V\"",
&r->headers_in.transfer_encoding->value);