fix: HTTP/1.1 requests with truncated kernel versions#1088
Merged
Conversation
Leading and trailing whitespace in any request header value will prevent requests from being sent when using HTTP 1.1 as `h11` package's normalize_and_validate function (https://github.com/python-hyper/h11/blob/62c5068c971579d61fa1b55373390e12f25fd856/h11/_headers.py#L152) validates the header using a regex that explicitly disallows trailing whitespace. `h2`, used for HTTP 2 traffic, trims the values itself. The HostOs header can end up with leading whitespace if `platform.system()` returns an empty string (which per Python's documentation is possible: "An empty string is returned if the value cannot be determined.") The HostOs header can end up with trailing whitespace in two cases: * If `platform.version()` returns an empty string (which per Python's documentation is possible: "An empty string is returned if the value cannot be determined.") * If `platform.version()` returns a string that ends with a whitespace character. The latter case can happen on e.g. a Linux platform where `platform.version()` usually returns the kernel version. The `uname` struct fields are 65 characters (as seen here: https://github.com/torvalds/linux/blob/9154c4af7829b6f82712b4d1a2a720adddacdb8d/include/uapi/linux/utsname.h#L25) - A kernel version longer than 65 characters may end up being with a whitespace as the last character.
|
Sobuno
changed the title
Contributor
Author
|
(I experienced this issue today as https://graph.microsoft.com seemingly stopped allowing HTTP/2 traffic, causing the package to fall back to the |
MIchaelMainer
approved these changes
Jun 4, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
This PR fixes a bug where requests cannot be sent over HTTP/1.1 if the
HostOsheader's value starts or ends with whitespace.HTTP/2 is not affected by this bug as the underlying
h2package trims the whitespace itself.This fixes #1087.
Notes
Leading and trailing whitespace in any request header value will prevent requests from being sent when using HTTP 1.1 as
h11package's normalize_and_validate function (https://github.com/python-hyper/h11/blob/62c5068c971579d61fa1b55373390e12f25fd856/h11/_headers.py#L152) validates the header using a regex that explicitly disallows trailing whitespace.h2, used for HTTP 2 traffic, trims the values itself.The HostOs header can end up with leading whitespace if
platform.system()returns an empty string (which per Python's documentation is possible: "An empty string is returned if the value cannot be determined.")The HostOs header can end up with trailing whitespace in two cases:
platform.version()returns an empty string (which per Python's documentation is possible: "An empty string is returned if the value cannot be determined.")platform.version()returns a string that ends with a whitespace character.The latter case can happen on e.g. a Linux platform where
platform.version()usually returns the kernel version. Theunamestruct fields are 65 characters (as seen here: https://github.com/torvalds/linux/blob/9154c4af7829b6f82712b4d1a2a720adddacdb8d/include/uapi/linux/utsname.h#L25) - A kernel version longer than 65 characters may end up being with a whitespace as the last character.Testing Instructions
h11would give anInvalid header valueerror