Skip to content

fix: Reject Triton reserved keys in parameters and forward headers#8763

Merged
yinggeh merged 2 commits into
mainfrom
yinggeh/tri-854-psirt-triton-http-parameter-injection-via-header-forwarding
May 6, 2026
Merged

fix: Reject Triton reserved keys in parameters and forward headers#8763
yinggeh merged 2 commits into
mainfrom
yinggeh/tri-854-psirt-triton-http-parameter-injection-via-header-forwarding

Conversation

@yinggeh
Copy link
Copy Markdown
Contributor

@yinggeh yinggeh commented May 4, 2026
edited
Loading

What does the PR do?

Reject Triton reserved keys in parameters and forward headers in HTTP and gRPC.

Checklist

  • PR title reflects the change and is of format <commit_type>: <Title>
  • Changes are described in the pull request.
  • Related issues are referenced.
  • Populated github labels field
  • Added test plan and verified test passes.
  • Verified that the PR passes existing CI.
  • Verified copyright is correct on all changed files.
  • Added succinct git squash message before merging ref.
  • All template sections are filled out.
  • Optional: Additional screenshots for behavior/output changes with before/after.

Commit Type:

Check the conventional commit type
box here and add the label to the github PR.

  • fix

Related PRs:

triton-inference-server/client#894

Where should the reviewer start?

Test plan:

  • CI Pipeline ID:
    50210103

Caveats:

Background

Related Issues: (use one of the action keywords Closes / Fixes / Resolves / Relates to)

  • closes GitHub issue: #xxx

@yinggeh yinggeh requested a review from mc-nv May 4, 2026 12:17
@yinggeh
security: Block injection of reserved params via header forwarding (T…
4961352 
…RI-854)

When the header-forward pattern matched a Triton-reserved name (e.g.
`sequence_id`, `priority`, `binary_data_output`), a client could
silently overwrite internal request parameters. Both HTTP and gRPC
header-forwarding paths now reject any key in `kReservedParameterKeys`
or with a `triton_` prefix. Adds `binary_data_output` to the reserved
list in docs and expands the L0_parameters test suite with explicit
rejection test cases.
@yinggeh yinggeh force-pushed the yinggeh/tri-854-psirt-triton-http-parameter-injection-via-header-forwarding branch from 01b9763 to 4961352 Compare May 4, 2026 12:19
github-advanced-security[bot]
github-advanced-security AI found potential problems May 4, 2026
View reviewed changes
Comment thread qa/L0_parameters/parameters_test.py Fixed
Comment thread qa/L0_parameters/parameters_test.py Fixed
@yinggeh yinggeh removed the request for review from mc-nv May 4, 2026 12:21
@yinggeh yinggeh changed the title security: Block reserved parameter injection via HTTP/gRPC header forwarding (TRI-854) fix: Reject Triton reserved keys in parameters and forward headers May 4, 2026
@yinggeh yinggeh self-assigned this May 4, 2026
@yinggeh yinggeh added the PR: fix A bug fix label May 4, 2026
@yinggeh yinggeh requested review from pskiran1 and whoisj May 4, 2026 12:33
@yinggeh yinggeh merged commit 69987b7 into main May 6, 2026
3 checks passed
@yinggeh yinggeh deleted the yinggeh/tri-854-psirt-triton-http-parameter-injection-via-header-forwarding branch May 6, 2026 21:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@whoisj whoisj whoisj approved these changes

@pskiran1 pskiran1 Awaiting requested review from pskiran1

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@yinggeh yinggeh

Labels

PR: fix A bug fix

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yinggeh @whoisj @github-advanced-security