nghttpx: Send 431 if header field size exceeded the configuration limit
This commit is contained in:
Tatsuhiro Tsujikawa
parent
8c6f9e899f
commit
ea8a566d98
|
|
@ -193,6 +193,10 @@ public:
|
||||||
// header contains invalid header field. We can safely send error
|
// header contains invalid header field. We can safely send error
|
||||||
// response (502) to a client.
|
// response (502) to a client.
|
||||||
MSG_BAD_HEADER,
|
MSG_BAD_HEADER,
|
||||||
|
// header fields in HTTP/1 request exceed the configuration limit.
|
||||||
|
// This state is only transitioned from INITIAL state, and solely
|
||||||
|
// used to signal 431 status code to the client.
|
||||||
|
HTTP1_REQUEST_HEADER_TOO_LARGE,
|
||||||
};
|
};
|
||||||
void set_request_state(int state);
|
void set_request_state(int state);
|
||||||
int get_request_state() const;
|
int get_request_state() const;
|
||||||
|
|
|
||||||
|
|
@ -93,6 +93,9 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
|
||||||
ULOG(INFO, upstream) << "Too large header block size="
|
ULOG(INFO, upstream) << "Too large header block size="
|
||||||
<< downstream->get_request_headers_sum() + len;
|
<< downstream->get_request_headers_sum() + len;
|
||||||
}
|
}
|
||||||
|
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||||
|
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||||
|
}
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||||
|
|
@ -105,6 +108,8 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
|
||||||
ULOG(INFO, upstream) << "Too many header field num="
|
ULOG(INFO, upstream) << "Too many header field num="
|
||||||
<< downstream->get_request_headers().size() + 1;
|
<< downstream->get_request_headers().size() + 1;
|
||||||
}
|
}
|
||||||
|
downstream->set_request_state(
|
||||||
|
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
downstream->add_request_header(std::string(data, len), "");
|
downstream->add_request_header(std::string(data, len), "");
|
||||||
|
|
@ -139,6 +144,9 @@ int htp_hdr_valcb(http_parser *htp, const char *data, size_t len) {
|
||||||
ULOG(INFO, upstream) << "Too large header block size="
|
ULOG(INFO, upstream) << "Too large header block size="
|
||||||
<< downstream->get_request_headers_sum() + len;
|
<< downstream->get_request_headers_sum() + len;
|
||||||
}
|
}
|
||||||
|
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||||
|
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||||
|
}
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||||
|
|
@ -425,9 +433,15 @@ int HttpsUpstream::on_read() {
|
||||||
|
|
||||||
unsigned int status_code;
|
unsigned int status_code;
|
||||||
|
|
||||||
if (downstream &&
|
if (downstream) {
|
||||||
downstream->get_request_state() == Downstream::CONNECT_FAIL) {
|
if (downstream->get_request_state() == Downstream::CONNECT_FAIL) {
|
||||||
status_code = 503;
|
status_code = 503;
|
||||||
|
} else if (downstream->get_request_state() ==
|
||||||
|
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE) {
|
||||||
|
status_code = 431;
|
||||||
|
} else {
|
||||||
|
status_code = 400;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
status_code = 400;
|
status_code = 400;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue