From 47d3100b252dc6668a9e46ae885242be9eeca9cd Mon Sep 17 00:00:00 2001
From: Stefan Eissing <icing@apache.org>
Date: Wed, 27 May 2026 09:37:31 +0000
Subject: [PATCH]   *) mod_http2: update to version 2.0.41      Fix cookie
 header accounting against LimitRequestFields.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1934678 13f79535-47bb-0310-9956-ffa450edef68
---
 changes-entries/h2_v2.0.41.txt | 3 +++
 modules/http2/h2_util.c        | 4 ++++
 modules/http2/h2_version.h     | 4 ++--
 3 files changed, 9 insertions(+), 2 deletions(-)
 create mode 100644 changes-entries/h2_v2.0.41.txt

diff --git a/changes-entries/h2_v2.0.41.txt b/changes-entries/h2_v2.0.41.txt
new file mode 100644
index 00000000000..4d7df59fed0
--- /dev/null
+++ b/changes-entries/h2_v2.0.41.txt
@@ -0,0 +1,3 @@
+  *) mod_http2: update to version 2.0.41
+     Fix cookie header accounting against LimitRequestFields.
+     [Stefan Eissing]
diff --git a/modules/http2/h2_util.c b/modules/http2/h2_util.c
index b377ff77f1b..b3039451f39 100644
--- a/modules/http2/h2_util.c
+++ b/modules/http2/h2_util.c
@@ -1708,6 +1708,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool,
              && !ap_cstr_casecmpn("cookie", (const char *)nv->name, nv->namelen)) {
         existing = apr_table_get(headers, "cookie");
         if (existing) {
+            if (!nv->valuelen)
+                return APR_SUCCESS;
             /* Cookie header come separately in HTTP/2, but need
              * to be merged by "; " (instead of default ", ")
              */
@@ -1719,6 +1721,8 @@ static apr_status_t req_add_header(apr_table_t *headers, apr_pool_t *pool,
             apr_table_setn(headers, "Cookie",
                            apr_psprintf(pool, "%s; %.*s", existing,
                                         (int)nv->valuelen, nv->value));
+            /* Treat the merge as an "add" to not escape LimitRequestFields */
+            *pwas_added = 1;
             return APR_SUCCESS;
         }
     }
diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h
index 1d7113f58bd..cc0164e080d 100644
--- a/modules/http2/h2_version.h
+++ b/modules/http2/h2_version.h
@@ -27,7 +27,7 @@
  * @macro
  * Version number of the http2 module as c string
  */
-#define MOD_HTTP2_VERSION "2.0.39"
+#define MOD_HTTP2_VERSION "2.0.41"
 
 /**
  * @macro
@@ -35,7 +35,7 @@
  * release. This is a 24 bit number with 8 bits for major number, 8 bits
  * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
  */
-#define MOD_HTTP2_VERSION_NUM 0x020027
+#define MOD_HTTP2_VERSION_NUM 0x020029
 
 
 #endif /* mod_h2_h2_version_h */