nghttpx: Send 431 if header field size exceeded the configuration limit

This commit is contained in:
Tatsuhiro Tsujikawa 2015-04-29 21:39:46 +09:00
parent 8c6f9e899f
commit ea8a566d98
2 changed files with 21 additions and 3 deletions

View File

@ -193,6 +193,10 @@ public:
// header contains invalid header field. We can safely send error
// response (502) to a client.
MSG_BAD_HEADER,
// header fields in HTTP/1 request exceed the configuration limit.
// This state is only transitioned from INITIAL state, and solely
// used to signal 431 status code to the client.
HTTP1_REQUEST_HEADER_TOO_LARGE,
};
void set_request_state(int state);
int get_request_state() const;

View File

@ -93,6 +93,9 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
ULOG(INFO, upstream) << "Too large header block size="
<< downstream->get_request_headers_sum() + len;
}
if (downstream->get_request_state() == Downstream::INITIAL) {
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
}
return -1;
}
if (downstream->get_request_state() == Downstream::INITIAL) {
@ -105,6 +108,8 @@ int htp_hdr_keycb(http_parser *htp, const char *data, size_t len) {
ULOG(INFO, upstream) << "Too many header field num="
<< downstream->get_request_headers().size() + 1;
}
downstream->set_request_state(
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
return -1;
}
downstream->add_request_header(std::string(data, len), "");
@ -139,6 +144,9 @@ int htp_hdr_valcb(http_parser *htp, const char *data, size_t len) {
ULOG(INFO, upstream) << "Too large header block size="
<< downstream->get_request_headers_sum() + len;
}
if (downstream->get_request_state() == Downstream::INITIAL) {
downstream->set_request_state(Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE);
}
return -1;
}
if (downstream->get_request_state() == Downstream::INITIAL) {
@ -425,9 +433,15 @@ int HttpsUpstream::on_read() {
unsigned int status_code;
if (downstream &&
downstream->get_request_state() == Downstream::CONNECT_FAIL) {
status_code = 503;
if (downstream) {
if (downstream->get_request_state() == Downstream::CONNECT_FAIL) {
status_code = 503;
} else if (downstream->get_request_state() ==
Downstream::HTTP1_REQUEST_HEADER_TOO_LARGE) {
status_code = 431;
} else {
status_code = 400;
}
} else {
status_code = 400;
}