nghttpx: Send 431 if header field size exceeded the configuration limit
This commit is contained in:
parent
8c6f9e899f
commit
ea8a566d98
|
@ -193,6 +193,10 @@ public:
|
|||
// header contains invalid header field. We can safely send error
|
||||
// response (502) to a client.
|
||||
MSG_BAD_HEADER,
|
||||
// header fields in HTTP/1 request exceed the configuration limit.
|
||||
// This state is only transitioned from INITIAL state, and solely
|
||||
// used to signal 431 status code to the client.
|
||||
HTTP1_REQUEST_HEADER_TOO_LARGE,
|
||||
};
|
||||
void set_request_state(int state);
|
||||
int get_request_state() const;
|
||||
|
|
|
@ -93,6 +93,9 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
|
|||
ULOG(INFO, upstream) << "Too large header block size="
|
||||
<< downstream->get_request_headers_sum() + len;
|
||||
}
|
||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||
|
@ -105,6 +108,8 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
|
|||
ULOG(INFO, upstream) << "Too many header field num="
|
||||
<< downstream->get_request_headers().size() + 1;
|
||||
}
|
||||
downstream->set_request_state(
|
||||
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||
return -1;
|
||||
}
|
||||
downstream->add_request_header(std::string(data, len), "");
|
||||
|
@ -139,6 +144,9 @@ int htp_hdr_valcb(http_parser *htp, const char *data, size_t len) {
|
|||
ULOG(INFO, upstream) << "Too large header block size="
|
||||
<< downstream->get_request_headers_sum() + len;
|
||||
}
|
||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
if (downstream->get_request_state() == Downstream::INITIAL) {
|
||||
|
@ -425,9 +433,15 @@ int HttpsUpstream::on_read() {
|
|||
|
||||
unsigned int status_code;
|
||||
|
||||
if (downstream &&
|
||||
downstream->get_request_state() == Downstream::CONNECT_FAIL) {
|
||||
if (downstream) {
|
||||
if (downstream->get_request_state() == Downstream::CONNECT_FAIL) {
|
||||
status_code = 503;
|
||||
} else if (downstream->get_request_state() ==
|
||||
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE) {
|
||||
status_code = 431;
|
||||
} else {
|
||||
status_code = 400;
|
||||
}
|
||||
} else {
|
||||
status_code = 400;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue