empty server timing (#700)

* test for no (instead of empty) Server-Timing header * don't send Server-Timing header if result map is empty * changelog entry
coupergateway · Feb 13, 2023 · 659cf60 · 659cf60
1 parent 5b01355
commit 659cf60
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@
 Unreleased changes are available as `avenga/couper:edge` container.
 
 * **Fixed**
+  * Erroneously sending an empty [`Server-Timing` header](https://docs.couper.io/configuration/command-line#oberservation-options) ([#700](https://github.com/avenga/couper/pull/700))
   * url scheme while using the [`tls` block](https://docs.couper.io/configuration/block/server_tls) ([#703](https://github.com/avenga/couper/issues/703))
   * For [OIDC](https://docs.couper.io/configuration/block/oidc), trying to request userinfo from a non-existing (not required, though recommended) userinfo endpoint ([#709](https://github.com/avenga/couper/pull/709))
   * Some `..._file` attributes missing for path absolutizing ([#713](https://github.com/avenga/couper/pull/713))

diff --git a/handler/endpoint.go b/handler/endpoint.go
@@ -173,7 +173,10 @@ func (e *Endpoint) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 	}
 
 	if e.opts.SendServerTimings {
-		rw.Header().Add(serverTimingHeader, getServerTimings(clientres.Header, beresps))
+		st := getServerTimings(clientres.Header, beresps)
+		if st != "" {
+			rw.Header().Add(serverTimingHeader, st)
+		}
 	}
 
 	// copy/write like a reverseProxy
@@ -196,6 +199,10 @@ func (e *Endpoint) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 }
 
 func getServerTimings(headers http.Header, beresps producer.ResultMap) string {
+	if len(beresps) == 0 {
+		return ""
+	}
+
 	serverTimings := make(utils.ServerTimings)
 
 	for _, h := range headers.Values(serverTimingHeader) {

diff --git a/server/http_test.go b/server/http_test.go
@@ -960,6 +960,17 @@ func TestHTTPServer_ServerTiming(t *testing.T) {
 	if s := strings.Join(dataCouper2, " "); !exp2.MatchString(s) {
 		t.Errorf("Unexpected header from 'second' Couper: %s", s)
 	}
+
+	req, err = http.NewRequest(http.MethodGet, "http://anyserver:9090/empty", nil)
+	helper.Must(err)
+
+	res, err = client.Do(req)
+	helper.Must(err)
+
+	headers = res.Header.Values("Server-Timing")
+	if l := len(headers); l != 0 {
+		t.Fatalf("Unexpected number of headers: %d", l)
+	}
 }
 
 func TestHTTPServer_CVE_2022_2880(t *testing.T) {

diff --git a/server/testdata/integration/http/01_couper.hcl b/server/testdata/integration/http/01_couper.hcl
@@ -6,6 +6,12 @@ server "first" {
       backend = "b1"
     }
   }
+
+  endpoint "/empty" {
+    response {
+      status = 204
+    }
+  }
 }
 
 settings {