x/net/http2: Unhandled Setting: [MAX_HEADER_LIST_SIZE = 1048896] #13959
Comments
|
This isn't worth it for Go 1.6. Similar to #14048 (validate transmitted header field names & values), this would involve making the Transport fail earlier before transmitting anything, telling the user that the server is likely to reject it. (except in #14048's case, the rejection is due to a spec violation, not an "advisory" soft limit, as this is). |
|
This is tricky because it requires us to back up the hpack encoder state if we find out we wrote too much in [1] Remember that this isn't about the hpack-encoded bytes size, but the Sum(EachField(len(key)+len(value)+32)-ish thing:
I'm demoting this to a Go1.7Maybe. |
bradfitz
added
help wanted
NeedsFix
|
(I'm going away for a month. If anybody else wants to fix this before Jun 23rd, feel free.) |
|
Is this issue still up for grabs? |
|
Yes. |
|
Ok, I'll have a look. My idea is to update (*ClientConn) encodeHeaders to implement your second suggestion from above, i.e., do a first pass counting bytes, then a second pass to write the headers. Does that sound reasonable? |
|
Above comment refers to client-side only. Looking into the server side, I see there is a corresponding encodeHeaders function, but it seems there are also a few calls to encKV sprinkled throughout write.go. These additional calls to encKV are responsible for only a few tens of bytes I would guess, and at first glance it looks like they could all be shoehorned into encodeHeaders anyway. |
|
CL https://golang.org/cl/29242 mentions this issue. |
|
CL https://golang.org/cl/29243 mentions this issue. |
|
I've mailed a changelist covering only the client portion in order to get feedback before I start on the server side (assuming we even want to handle this on the server). |
|
/cc @tombergan |
Add a new peerMaxHeaderListSize member to ClientConn which records the SETTINGS_MAX_HEADER_LIST_SIZE requested by the client's peer, and respect this limit in (*ClientConn) encodeHeaders / encodeTrailers. Attempting to send more than peerMaxHeaderListSize bytes of headers or trailers will result in RoundTrip returning errRequestHeaderListSize. Updates golang/go#13959 Change-Id: Ic707179782acdf8ae543429ea1af7f4f30e67e59 Reviewed-on: https://go-review.googlesource.com/29243 Run-TryBot: Tom Bergan <tombergan@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Tom Bergan <tombergan@google.com>
|
The client-side fix has been committed. Thanks @tombergan for reviewing. It will be at least a month before I have a chance to look into the server-side (laptop dead, parts on the slow boat from China), so If anyone else wants to tackle it before then, feel free. |
|
Change https://golang.org/cl/71611 mentions this issue: |
Add a new peerMaxHeaderListSize member to ClientConn which records the SETTINGS_MAX_HEADER_LIST_SIZE requested by the client's peer, and respect this limit in (*ClientConn) encodeHeaders / encodeTrailers. Attempting to send more than peerMaxHeaderListSize bytes of headers or trailers will result in RoundTrip returning errRequestHeaderListSize. Updates golang/go#13959 Change-Id: Ic707179782acdf8ae543429ea1af7f4f30e67e59 Reviewed-on: https://go-review.googlesource.com/29243 Run-TryBot: Tom Bergan <tombergan@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Tom Bergan <tombergan@google.com>
The Go http2 server sends MAX_HEADER_LIST_SIZE in its initial SETTINGS frame, but the Transport doesn't use it.
Fix.
/cc @bmizerany
The text was updated successfully, but these errors were encountered: